Vulnerabilities > Typo3 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-17 | CVE-2008-5644 | Cross-Site Scripting vulnerability in Typo3 4.2.2 Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
| 2008-11-14 | CVE-2008-5096 | Information Exposure vulnerability in Typo3 File List Extension Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
| 2008-10-22 | CVE-2008-4661 | Cross-Site Scripting vulnerability in Typo3 Page Improvements Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-07-07 | CVE-2008-3050 | Resource Management Errors vulnerability in Typo3 PDF Generator 2 Extension Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors. | 5.0 |
| 2008-07-07 | CVE-2008-3049 | Information Exposure vulnerability in Typo3 PDF Generator 2 Extension The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2008-07-07 | CVE-2008-3040 | Information Exposure vulnerability in Typo3 DAM Frontend Extension Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
| 2008-07-07 | CVE-2008-3037 | Cross-Site Scripting vulnerability in Typo3 Address Directory Cross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-07-07 | CVE-2008-3032 | Cross-Site Scripting vulnerability in Typo3 PHPmyadmin 0.2.2/3.0 Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-07-07 | CVE-2008-3029 | Cross-Site Scripting vulnerability in Typo3 WEC Discussion Forum 1.6/1.6.0/1.6.1 Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-07-07 | CVE-2008-3028 | Cross-Site Scripting vulnerability in Typo3 Send A Card 2.2/2.2.1 Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |