Vulnerabilities > Typo3 > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-19 | CVE-2010-1006 | SQL Injection vulnerability in Typo3 Brainstorming SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1004 | SQL Injection vulnerability in Mischa Heimann Yatse SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4711 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | 7.5 |
2010-03-15 | CVE-2009-4710 | SQL Injection vulnerability in Robert Heel CWT Resetbepassword SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4709 | SQL Injection vulnerability in Dirk Maiwert Datamints Newsticker SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4708 | SQL Injection vulnerability in Maximo Cuadros GB Fenewssubmit SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4703 | SQL Injection vulnerability in Typo3 WS Gallery SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4702 | SQL Injection vulnerability in Markus Barchfeld PM Tour SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4701 | SQL Injection vulnerability in Liviu Mitrofan Myth Download 0.1.0 SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-02 | CVE-2010-0798 | SQL Injection vulnerability in Snowflake T3Blog 0.5.0/0.6.0/0.6.1 SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |