Vulnerabilities > Typo3 > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-28 | CVE-2009-3819 | Remote Security vulnerability in Maag Randomimage Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors. | 10.0 |
| 2009-10-28 | CVE-2009-3818 | Remote Security vulnerability in Sr Freecap Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors. | 10.0 |
| 2009-01-22 | CVE-2009-0258 | Improper Input Validation vulnerability in Typo3 The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer. | 10.0 |
| 2008-12-31 | CVE-2008-5801 | Code Injection vulnerability in Typo3 Dictionary Extension Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors. | 10.0 |
| 2008-09-23 | CVE-2008-4188 | Code Injection vulnerability in Typo3 Secure Directory 0.1.3/1.0.0 Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters." | 10.0 |
| 2008-07-07 | CVE-2008-3042 | Permissions, Privileges, and Access Controls vulnerability in Typo3 DAM Frontend Extension Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling." | 10.0 |
| 2008-05-19 | CVE-2008-2345 | Code Injection vulnerability in Typo3 AIR Filemanager Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering." | 10.0 |