Vulnerabilities > Typo3

DATE	CVE	VULNERABILITY TITLE	RISK
2010-03-15	CVE-2009-4702	SQL Injection vulnerability in Markus Barchfeld PM Tour SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity markus-barchfeld typo3 CWE-89	7.5
2010-03-15	CVE-2009-4701	SQL Injection vulnerability in Liviu Mitrofan Myth Download 0.1.0 SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity liviu-mitrofan typo3 CWE-89	7.5
2010-03-02	CVE-2010-0798	SQL Injection vulnerability in Snowflake T3Blog 0.5.0/0.6.0/0.6.1 SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity snowflake typo3 CWE-89	7.5
2010-03-02	CVE-2010-0797	Cross-Site Scripting vulnerability in Snowflake T3Blog 0.5.0/0.6.0/0.6.1 Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network snowflake typo3 CWE-79	4.3
2010-02-22	CVE-2010-0286	Security Bypass vulnerability in Typo3 4.3.0 Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication. network high complexity typo3	5.1
2010-01-15	CVE-2010-0350	Path Traversal vulnerability in Arco VAN Geest Goof Fotoboek Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. network low complexity arco-van-geest typo3 CWE-22	7.5
2010-01-15	CVE-2010-0347	Cross-Site Scripting vulnerability in Typo3 VD Gemomap Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network typo3 CWE-79	4.3
2010-01-15	CVE-2010-0346	Cross-Site Scripting vulnerability in Typo3 Mimi Tipfriends Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network typo3 CWE-79	4.3
2010-01-15	CVE-2010-0345	Cross-Site Scripting vulnerability in Typo3 Majordomo Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network typo3 CWE-79	4.3
2010-01-15	CVE-2010-0344	SQL Injection vulnerability in Typo3 ZAK Store Management SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity typo3 CWE-89	7.5

Vulnerabilities > Typo3 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Typo3"}]}

Vulnerabilities > Typo3