Vulnerabilities > Typo3 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-04-10 | CVE-2008-6695 | SQL Injection vulnerability in Frank Naegler Timtab Sociable SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6694 | SQL Injection vulnerability in Fr.Simon Rundell STE Prayer 0.0.1 SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6693 | SQL Injection vulnerability in Sebastian Baumann SB Downloader SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6692 | SQL Injection vulnerability in Fr.Simon Rundell PD Trainingcourses 0.1.1 SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6691 | SQL Injection vulnerability in Diocese of Portsmouth PD Calendar Today 0.0.3 SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6690 | Setting Manipulation vulnerability in Typo3 ND Antispam 1.0.3 Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6689 | SQL Injection vulnerability in Kevin Renskers Dmmjobcontrol SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6686 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2009-04-10 | CVE-2008-6685 | Code Execution vulnerability in TYPO3 Frontend Filemanager Extension Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
| 2009-04-07 | CVE-2008-6630 | Path Traversal vulnerability in Typo3 WT Gallery Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | 7.8 |