Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:typo3:typo3:8.4.1
There are 233 matching records.
Displaying matches 221 through 233.
Vuln ID Summary CVSS Severity
CVE-2008-5796

SQL injection vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5795

Cross-site scripting (XSS) vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: December 31, 2008; 6:30:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-5609

SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: December 16, 2008; 8:30:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5096

Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.

Published: November 14, 2008; 2:20:54 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-5087

SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: November 14, 2008; 2:20:53 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4661

Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-4660

SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4659

SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4658

SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4657

SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4656

SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-4655

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 8:11:51 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-6381

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Published: December 14, 2007; 9:46:00 PM -0500
V3.x:(not available)
V2.0: 6.5 MEDIUM