Filtered by vendor Typo3
Subscribe
Total
517 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2006-6690 | 1 Typo3 | 1 Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector. | |||||
| CVE-2008-4661 | 1 Typo3 | 2 Page Improvements, Typo3 | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-2489 | 1 Typo3 | 1 Sg Zfelib | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input." | |||||
| CVE-2008-3046 | 1 Typo3 | 1 Packman Extension | 2025-04-09 | 7.5 HIGH | N/A |
| Incomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3 has unknown impact and attack vectors. | |||||
| CVE-2008-4659 | 1 Typo3 | 2 Mannschaftsliste, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0330 | 2 Julian Fries, Typo3 | 2 Jf Easymaps, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6346 | 2 Dennis Royer, Typo3 | 2 Dr Wiki, Typo3 | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6460 | 2 Mirko Werner, Typo3 | 2 Mw Random Objects, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-4158 | 2 Mario Matzulla, Typo3 | 2 Cal, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Calendar Base (cal) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-0816 | 1 Typo3 | 1 Typo3 | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields. | |||||
| CVE-2009-4165 | 2 Simple Glossar, Typo3 | 2 Simple Glossar, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-4655 | 1 Typo3 | 2 Simplesurvey, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-3053 | 1 Typo3 | 1 Sql Frontend Extension | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6689 | 2 Kevin Renskers, Typo3 | 2 Dmmjobcontrol, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2008-5799 | 1 Typo3 | 2 Typo3, Wir Ber Uns Extension | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Wir ber uns (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6459 | 1 Typo3 | 2 Autobeuser, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6463 | 2 Fr.simon Rundell, Typo3 | 2 Pd Churchsearch, Typo3 | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-2345 | 1 Typo3 | 1 Air Filemanager | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering." | |||||
| CVE-2008-6342 | 2 Lobacher Patrick, Typo3 | 2 Simplefilebrowser, Typo3 | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | |||||