) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:typo3:typo3:4.5.12:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2010-0328 |
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2010-0327 |
Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2010-0326 |
Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2010-0325 |
Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2010-0324 |
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2010-0323 |
Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
| CVE-2010-0322 |
SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: January 15, 2010; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4401 |
SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4400 |
Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4399 |
SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4398 |
Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4397 |
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4395 |
Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4394 |
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4393 |
SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4392 |
SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4391 |
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4390 |
SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2009-4389 |
Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2009-4388 |
Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |