Vulnerabilities > Typo3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-22 | CVE-2009-4393 | SQL Injection vulnerability in Daniel Ptzinger Danp Documentdirs SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4392 | SQL Injection vulnerability in Typo3 XDS Staff SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4391 | Cross-Site Scripting vulnerability in Daniel Regelein DR Blob 2.1.1 Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4390 | SQL Injection vulnerability in Jochen Rieger CAR 0.1.1 SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4389 | Information Disclosure vulnerability in Aba Watchdog 2.0.0/2.0.1 Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
| 2009-12-22 | CVE-2009-4388 | Cross-Site Scripting vulnerability in Frank Krger NL Listman 1.2.1 Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-17 | CVE-2009-4346 | Cross-Site Scripting vulnerability in Toni Milovan FE Rtenews 1.4.1 Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-17 | CVE-2009-4345 | Cross-Site Scripting vulnerability in Jonas Renggli Vshoutbox 0.0.1 Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-17 | CVE-2009-4344 | Cross-Site Scripting vulnerability in Tobias Sommer ZID Linklist 1.0.0 Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-17 | CVE-2009-4343 | Cross-Site Scripting vulnerability in Dominic Eckart Trainincdb 0.4.7 Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |