Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:typo3:typo3:8.4.1
There are 228 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2008-6696

SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6695

SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6694

SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6693

SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6692

SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6691

SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6690

Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6689

SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6688

Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6687

Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2008-6686

SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6685

Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.

Published: April 10, 2009; 6:00:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-1264

Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.

Published: April 07, 2009; 7:30:00 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2008-6630

Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.

Published: April 07, 2009; 10:17:17 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2008-6463

SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6462

SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6461

SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6460

SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6459

SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-6458

SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: March 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH