NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:typo3:typo3:8.3.1:*:*:*:*:*:*:*
CPE Name Search: true

There are 240 matching records.

Displaying matches 161 through 180.

Vuln ID	Summary	CVSS Severity
CVE-2009-4389	Unspecified vulnerability in the Watchdog (aba_watchdog) extension 2.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. Published: December 22, 2009; 6:30:00 PM -0500	V3.x:(not available) V2.0: 5.0 MEDIUM
CVE-2009-4388	Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 22, 2009; 6:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4346	Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4345	Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4344	Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4343	Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4342	SQL injection vulnerability in the Job Exchange (jobexchange) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4341	SQL injection vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4340	Cross-site scripting (XSS) vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4339	SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4338	SQL injection vulnerability in the Flash SlideShow (slideshow) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4337	SQL injection vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2008-6691. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4336	Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4167	Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 6.4 MEDIUM
CVE-2009-4166	SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4165	SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4164	Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2009-4163	SQL injection vulnerability in the TW Productfinder (tw_productfinder) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.5 HIGH
CVE-2009-4162	Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3.1 and earlier for TYPO3 allows local users to execute arbitrary commands via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 7.2 HIGH
CVE-2009-4161	Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 02, 2009; 12:30:00 PM -0500	V3.x:(not available) V2.0: 4.3 MEDIUM