National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:typo3:typo3:8.4.1
There are 228 matching records.
Displaying matches 221 through 228.
Vuln ID Summary CVSS Severity
CVE-2008-4661

Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-4660

SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2008-4659

SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2008-4658

SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2008-4657

SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2008-4656

SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2008-4655

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Published: October 21, 2008; 08:11:51 PM -04:00
    V2: 7.5 HIGH
CVE-2007-6381

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Published: December 14, 2007; 09:46:00 PM -05:00
    V2: 6.5 MEDIUM