Vulnerabilities > Typo3 > Typo3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-04-10 | CVE-2008-6693 | SQL Injection vulnerability in Sebastian Baumann SB Downloader SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6692 | SQL Injection vulnerability in Fr.Simon Rundell PD Trainingcourses 0.1.1 SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6691 | SQL Injection vulnerability in Diocese of Portsmouth PD Calendar Today 0.0.3 SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6690 | Setting Manipulation vulnerability in Typo3 ND Antispam 1.0.3 Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6689 | SQL Injection vulnerability in Kevin Renskers Dmmjobcontrol SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6688 | Cross-Site Scripting vulnerability in Kevin Renskers Dmmjobcontrol Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6687 | Cross-Site Scripting vulnerability in David Cadu Dcdgooglemap Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6686 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6685 | Code Execution vulnerability in TYPO3 Frontend Filemanager Extension Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
2009-04-07 | CVE-2009-1264 | Permissions, Privileges, and Access Controls vulnerability in Stanislas Rolland SR Feuser Register Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors. | 4.0 |