Vulnerabilities > Joachim Ruhs

DATE CVE VULNERABILITY TITLE RISK
2013-08-16 CVE-2013-5305 Cross-Site Scripting vulnerability in Joachim Ruhs Locator
Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2013-08-16 CVE-2013-5304 SQL Injection vulnerability in Joachim Ruhs Locator
SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5
2013-08-16 CVE-2013-5303 Security vulnerability in TYPO3 Store Locator Extension
Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
network
low complexity
joachim-ruhs typo3
critical
10.0
2011-10-09 CVE-2010-4952 SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9
SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5
2011-10-09 CVE-2010-4950 SQL Injection vulnerability in Joachim Ruhs Event
SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5
2010-07-22 CVE-2009-4949 SQL Injection vulnerability in Joachim Ruhs Locator
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5
2010-07-22 CVE-2009-4948 Cross-Site Scripting vulnerability in Joachim Ruhs Locator
Cross-site scripting (XSS) vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2010-04-23 CVE-2009-4802 SQL Injection vulnerability in Joachim Ruhs Flat Manager
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5
2010-03-19 CVE-2010-1009 SQL Injection vulnerability in Joachim-Ruhs Educator 0.1.5
SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
joachim-ruhs typo3 CWE-89
7.5