Vulnerabilities > Typo3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-19 | CVE-2010-1014 | Cross-Site Scripting vulnerability in Steffen Kamper Reports Logview Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1013 | SQL Injection vulnerability in Fr.Simon Rundell PD Diocesedatabase SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1012 | SQL Injection vulnerability in Mathias Schreiber NF Cleandb SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1011 | Cross-Site Scripting vulnerability in TIM Lochmueller Mydashboard Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1010 | SQL Injection vulnerability in Matthias Kall MK Wastebasket SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1009 | SQL Injection vulnerability in Joachim-Ruhs Educator 0.1.5 SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1008 | Cross-Site Scripting vulnerability in Christian Hennecke Chsellector 0.1.0 Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1007 | Information Exposure vulnerability in CHI Hoang CH Lightem Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2010-03-19 | CVE-2010-1006 | SQL Injection vulnerability in Typo3 Brainstorming SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1005 | Cross-Site Scripting vulnerability in Mischa Heimann Yatse Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |