Vulnerabilities > Typo3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-15 | CVE-2010-0323 | Information Disclosure vulnerability in Goof Fotoboek Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 7.8 |
| 2010-01-15 | CVE-2010-0322 | SQL Injection vulnerability in Matthias Karr MK Anydropdownmenu SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4401 | SQL Injection vulnerability in Fr.Simon Rundell STE Parish Admin SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4400 | Cross-Site Scripting vulnerability in Fr.Simon Rundell STE Parish Admin Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4399 | SQL Injection vulnerability in Fr.Simon Rundell HS Religiousartgallery SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4398 | Cross-Site Scripting vulnerability in Fr.Simon Rundell HS Religiousartgallery Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4397 | Cross-Site Scripting vulnerability in Fr.Simon Rundell PD Resources Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4396 | SQL Injection vulnerability in Fr.Simon Rundell PD Resources SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4395 | Cross-Site Scripting vulnerability in Fr.Simon Rundell STE Prayer2 0.0.2 Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4394 | SQL Injection vulnerability in Fr.Simon Rundell STE Prayer2 0.0.2 SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |