Vulnerabilities > Typo3 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-09-24 | CVE-2010-3604 | SQL Injection vulnerability in Alex Kellner Powermail SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4971 | SQL Injection vulnerability in Vincent Tietz Vjchat SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4970 | SQL Injection vulnerability in Typo3-Macher T3M Affiliate 0.5.0 SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4969 | SQL Injection vulnerability in Typo3 Sbanner 1.0.1 SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4968 | SQL Injection vulnerability in Christian Ehmann Event Registr SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4967 | SQL Injection vulnerability in Jochen Rieger CAR SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4966 | SQL Injection vulnerability in Elemente AST Addresszipsearch 0.5.4 SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4965 | SQL Injection vulnerability in Thomas Waggershauser AIR Lexicon 0.0.1 SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-28 | CVE-2009-4959 | SQL Injection vulnerability in Stefan Koch T3M SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-07-22 | CVE-2009-4955 | SQL Injection vulnerability in Thomas Hempel TH Ultracards SQL injection vulnerability in the ultraCards (th_ultracards) extension before 0.5.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |