Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:typo3:typo3:8.4.1
There are 228 matching records.
Displaying matches 201 through 220.
Vuln ID Summary CVSS Severity
CVE-2008-6457

SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6456

SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6346

Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6344

SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6343

Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6342

Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-6341

Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (SBuniplug) extension 2.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6340

Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6338

SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6145

Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: February 16, 2009; 12:30:04 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6144

Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029.

Published: February 16, 2009; 12:30:04 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-5995

Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: January 28, 2009; 10:30:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-5799

Cross-site scripting (XSS) vulnerability in the Wir ber uns (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-5798

SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5797

SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5796

SQL injection vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5795

Cross-site scripting (XSS) vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-5609

SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 16, 2008; 8:30:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5096

Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.

Published: November 14, 2008; 2:20:54 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-5087

SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: November 14, 2008; 2:20:53 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH