Vulnerabilities > Typo3 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-15 | CVE-2010-0350 | Path Traversal vulnerability in Arco VAN Geest Goof Fotoboek Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0344 | SQL Injection vulnerability in Typo3 ZAK Store Management SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0343 | SQL Injection vulnerability in Typo3 PB Clanlist 0.0.1 SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0342 | SQL Injection vulnerability in Typo3 JOB Reports SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0341 | SQL Injection vulnerability in Typo3 BB Simplejobs SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0340 | SQL Injection vulnerability in Typo3 Mjseventpro SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0339 | SQL Injection vulnerability in Typo3 Vm19 Userlinks SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0338 | SQL Injection vulnerability in Typo3 Ttpedit 0.0.2 SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0337 | SQL Injection vulnerability in Typo3 DL3 TT News Alerts SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0334 | SQL Injection vulnerability in Francisco Cifuentes Vote for TT News 1.0.1 SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |