Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2009-03-13 CVE-2008-6460 SQL Injection vulnerability in Mirko Werner MW Random Objects
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
typo3 mirko-werner CWE-89
7.5
2009-03-13 CVE-2008-6459 SQL Injection vulnerability in Typo3 Autobeuser
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
typo3 CWE-89
7.5
2009-03-13 CVE-2008-6458 SQL Injection vulnerability in Dieter Mayer FE Address Edit
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
typo3 dieter-mayer CWE-89
7.5
2009-03-13 CVE-2008-6457 SQL Injection vulnerability in Walnutstreet Cgswigmore 0.1.0
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
walnutstreet typo3 CWE-89
7.5
2009-03-13 CVE-2008-6456 SQL Injection vulnerability in Martin Helmich Hbook
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
martin-helmich typo3 CWE-89
7.5
2009-03-13 CVE-2008-6454 SQL Injection vulnerability in 6Rbscript 3.3
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
network
low complexity
6rbscript CWE-89
7.5
2009-03-13 CVE-2008-6452 SQL Injection vulnerability in Oceandir
SQL injection vulnerability in show_vote.php in Oceandir 2.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
oceandir CWE-89
7.5
2009-03-13 CVE-2008-6451 SQL Injection vulnerability in Jportal 2
SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
jportal CWE-89
7.5
2009-03-12 CVE-2009-0882 SQL Injection vulnerability in Roman Bogorodskiy Nforum 1.5
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
network
low complexity
roman-bogorodskiy CWE-89
7.5
2009-03-12 CVE-2009-0881 SQL Injection vulnerability in Josema Enzo Isiajax 1
SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
josema-enzo CWE-89
7.5