Vulnerabilities > Typo3 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-15 | CVE-2010-0335 | Cross-Site Scripting vulnerability in Francisco Cifuentes Vote for TT News 1.0.1 Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0331 | Cross-Site Scripting vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0328 | Cross-Site Scripting vulnerability in Rastislav Birka CS2 Unitconv 1.0.4 Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0327 | Cross-Site Scripting vulnerability in Julian Kleinhans KJ Imagelightbox2 1.4.0/1.4.1/1.4.2 Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490. | 4.3 |
| 2010-01-15 | CVE-2010-0326 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0325 | Information Disclosure vulnerability in Sebastian Baumann SB Folderdownload 0.1.1/0.2.0/0.2.1 Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
| 2009-12-22 | CVE-2009-4400 | Cross-Site Scripting vulnerability in Fr.Simon Rundell STE Parish Admin Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4398 | Cross-Site Scripting vulnerability in Fr.Simon Rundell HS Religiousartgallery Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4397 | Cross-Site Scripting vulnerability in Fr.Simon Rundell PD Resources Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-12-22 | CVE-2009-4395 | Cross-Site Scripting vulnerability in Fr.Simon Rundell STE Prayer2 0.0.2 Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |