Filtered by vendor Typo3
Subscriptions
Total
527 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6699 | 1 Typo3 | 2 Tjs Reslib, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-6698 | 2 Michael Fritz, Typo3 | 2 Worldcup, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-6695 | 2 Frank Naegler, Typo3 | 2 Timtab Sociable, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6694 | 2 Fr.simon Rundell, Typo3 | 2 Ste Prayer, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6693 | 2 Sebastian Baumann, Typo3 | 2 Sb Downloader, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6692 | 2 Fr.simon Rundell, Typo3 | 2 Pd Trainingcourses, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6691 | 2 Diocese Of Portsmouth, Typo3 | 2 Pd Calendar Today, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6690 | 1 Typo3 | 2 Nd Antispam, Typo3 | 2025-04-09 | N/A |
| Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | ||||
| CVE-2008-6689 | 2 Kevin Renskers, Typo3 | 2 Dmmjobcontrol, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6685 | 2 Thomas Waggershauser, Typo3 | 2 Air Filemanager, Typo3 | 2025-04-09 | N/A |
| Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | ||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | ||||
| CVE-2008-3038 | 1 Typo3 | 1 Address Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6462 | 2 Kurt Gusbeth, Typo3 | 2 Myquizpoll, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6688 | 2 Kevin Renskers, Typo3 | 2 Dmmjobcontrol, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-6697 | 2 Michael Fritz, Typo3 | 2 Worldcup, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6461 | 2 Fr.simon Rundell, Typo3 | 2 Ste Prayer2, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6460 | 2 Mirko Werner, Typo3 | 2 Mw Random Objects, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6459 | 1 Typo3 | 2 Autobeuser, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-0815 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request. | ||||