Vulnerabilities > Typo3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-28 | CVE-2013-6289 | Cross-Site Scripting vulnerability in Ingo Renner Apache Solr Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-10-28 | CVE-2013-6288 | Cross Site Scripting and PHP Code Execution vulnerability in TYPO3 Apache Solr Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | 10.0 |
| 2013-08-23 | CVE-2013-5570 | Cross-Site Scripting vulnerability in Axel Jung JS CSS Optimizer Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-23 | CVE-2013-5569 | SQL Injection vulnerability in Heiko Sudar Slideshare 0.1.0 SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2013-08-20 | CVE-2013-5323 | Cross-Site Scripting vulnerability in Stanislas Rolland Static Info Tables Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-20 | CVE-2013-5322 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2013-08-16 | CVE-2013-5310 | SQL Injection vulnerability in Mauro Lorenzutti Wfqbe 1.3.1/2.0.0 SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2013-08-16 | CVE-2013-5308 | Cross-Site Scripting vulnerability in Juralsulek Realurlmanagement Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-16 | CVE-2013-5307 | Cross-Site Scripting vulnerability in Kennziffer KE Search Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-16 | CVE-2013-5306 | SQL Injection vulnerability in Die-Netzmacher Browser 4.5.0/4.5.2 SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |