Vulnerabilities > Maximo Cuadros

DATE CVE VULNERABILITY TITLE RISK
2010-03-15 CVE-2009-4708 SQL Injection vulnerability in Maximo Cuadros GB Fenewssubmit
SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
maximo-cuadros typo3 CWE-89
7.5
2010-03-15 CVE-2009-4707 Cross-Site Scripting vulnerability in Maximo Cuadros GB Fenewssubmit
Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3