Vulnerabilities > Typo3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-15 | CVE-2010-0333 | SQL Injection vulnerability in Matthias Graubner MG Help SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-01-15 | CVE-2010-0332 | SQL Injection vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-01-15 | CVE-2010-0331 | Cross-Site Scripting vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-01-15 | CVE-2010-0330 | SQL Injection vulnerability in Julian Fries JF Easymaps SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-01-15 | CVE-2010-0329 | SQL Injection vulnerability in Alex Kellner Powermail SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | 7.5 |
2010-01-15 | CVE-2010-0328 | Cross-Site Scripting vulnerability in Rastislav Birka CS2 Unitconv 1.0.4 Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-01-15 | CVE-2010-0327 | Cross-Site Scripting vulnerability in Julian Kleinhans KJ Imagelightbox2 1.4.0/1.4.1/1.4.2 Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490. | 4.3 |
2010-01-15 | CVE-2010-0326 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-01-15 | CVE-2010-0325 | Information Disclosure vulnerability in Sebastian Baumann SB Folderdownload 0.1.1/0.2.0/0.2.1 Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
2010-01-15 | CVE-2010-0324 | SQL Injection vulnerability in Patrick Bauerochse REF List SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |