NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:typo3:typo3:8.3.1:*:*:*:*:*:*:*
CPE Name Search: true

There are 240 matching records.

Displaying matches 101 through 120.

Vuln ID	Summary	CVSS Severity
CVE-2010-1012	SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2010-1011	Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2010-1010	SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2010-1009	SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2010-1008	Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2010-1007	Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 5.0 MEDIUM
CVE-2010-1006	SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2010-1005	Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2010-1004	SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 19, 2010; 3:00:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4711	SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. Published: March 15, 2010; 5:30:01 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4710	SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:01 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4709	SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4708	SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4707	Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4706	Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4705	Cross-site scripting (XSS) vulnerability in the Twitter Search (twittersearch) extension before 0.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4704	Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 5.0 MEDIUM
CVE-2009-4703	SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4702	SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4701	SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: March 15, 2010; 5:30:00 PM -0400	V3.x:(not available) V2.0: 7.5 HIGH