Vulnerabilities > Typo3

DATE CVE VULNERABILITY TITLE RISK
2008-07-07 CVE-2008-3051 SQL Injection vulnerability in Typo3 Pinboard Extension
SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
typo3 CWE-89
7.5
2008-07-07 CVE-2008-3050 Resource Management Errors vulnerability in Typo3 PDF Generator 2 Extension
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors.
network
low complexity
typo3 CWE-399
5.0
2008-07-07 CVE-2008-3049 Information Exposure vulnerability in Typo3 PDF Generator 2 Extension
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
typo3 CWE-200
5.0
2008-07-07 CVE-2008-3048 Multiple Unspecified vulnerability in TYPO3 PDF Generator 2 Extension
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."
network
low complexity
typo3
7.5
2008-07-07 CVE-2008-3047 Permissions, Privileges, and Access Controls vulnerability in Typo3 KB Unpack Extension
Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors.
network
low complexity
typo3 CWE-264
7.5
2008-07-07 CVE-2008-3046 Permissions, Privileges, and Access Controls vulnerability in Typo3 Packman Extension 0.2.0
Incomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3 has unknown impact and attack vectors.
network
low complexity
typo3 CWE-264
7.5
2008-07-07 CVE-2008-3045 Unspecified vulnerability in Typo3 Industry Database
Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."
network
low complexity
typo3
7.5
2008-07-07 CVE-2008-3044 SQL Injection vulnerability in Typo3 News Calendar Extension
SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
typo3 CWE-89
7.5
2008-07-07 CVE-2008-3043 Code Injection vulnerability in Typo3 WEC Discussion Forum 1.6.0/1.6.1
Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows attackers to execute arbitrary code via vectors related to "certain file types."
network
low complexity
typo3 CWE-94
7.5
2008-07-07 CVE-2008-3042 Permissions, Privileges, and Access Controls vulnerability in Typo3 DAM Frontend Extension
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
network
low complexity
typo3 CWE-264
critical
10.0