Vulnerabilities > Typo3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-09 | CVE-2010-4957 | SQL Injection vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0 SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-09 | CVE-2010-4956 | Cross-Site Scripting vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0 Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-10-09 | CVE-2010-4953 | Unspecified vulnerability in JW Calendar JW Calendar Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
| 2011-10-09 | CVE-2010-4952 | SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9 SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-09 | CVE-2010-4951 | Cross-Site Scripting vulnerability in Thomas Mammitzsch VX Xajax Shoutbox Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-10-09 | CVE-2010-4950 | SQL Injection vulnerability in Joachim Ruhs Event SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-07 | CVE-2010-4892 | Cross-Site Scripting vulnerability in Alex Kellner Powermail Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-10-07 | CVE-2010-4891 | SQL Injection vulnerability in Andreas Kiefer KE YAC SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2011-10-07 | CVE-2010-4890 | Cross-Site Scripting vulnerability in Andreas Kiefer KE YAC Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-10-07 | CVE-2010-4889 | Unspecified vulnerability in Marco Hezel HM Tinymarket Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors. | 10.0 |