Vulnerabilities > Typo3 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-15 | CVE-2010-0333 | SQL Injection vulnerability in Matthias Graubner MG Help SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0332 | SQL Injection vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0330 | SQL Injection vulnerability in Julian Fries JF Easymaps SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0329 | SQL Injection vulnerability in Alex Kellner Powermail SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | 7.5 |
| 2010-01-15 | CVE-2010-0324 | SQL Injection vulnerability in Patrick Bauerochse REF List SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0323 | Information Disclosure vulnerability in Goof Fotoboek Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 7.8 |
| 2010-01-15 | CVE-2010-0322 | SQL Injection vulnerability in Matthias Karr MK Anydropdownmenu SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4401 | SQL Injection vulnerability in Fr.Simon Rundell STE Parish Admin SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4399 | SQL Injection vulnerability in Fr.Simon Rundell HS Religiousartgallery SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2009-12-22 | CVE-2009-4396 | SQL Injection vulnerability in Fr.Simon Rundell PD Resources SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |