) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:typo3:typo3:7.6.18:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2008-5795 |
Cross-site scripting (XSS) vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 31, 2008; 6:30:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2008-5609 |
SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 16, 2008; 8:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-5096 |
Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. Published: November 14, 2008; 2:20:54 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2008-5087 |
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: November 14, 2008; 2:20:53 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4661 |
Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2008-4660 |
SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4659 |
SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4658 |
SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4657 |
SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4656 |
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-4655 |
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: October 21, 2008; 8:11:51 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2007-6381 |
SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Published: December 14, 2007; 9:46:00 PM -0500 |
V3.x:(not available) V2.0: 6.5 MEDIUM |