ReportizFlow
Filtered by vendor Typo3
Subscriptions
Total
531 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6289 | 2 Ingo Renner, Typo3 | 2 Apache Solr, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5310 | 2 Mauro Lorenzutti, Typo3 | 2 Wfqbe, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-5303 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | ||||
| CVE-2013-5307 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3605 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5308 | 2 Juralsulek, Typo3 | 2 Realurlmanagement, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-1722 | 2 Typo3, Webempoweredchurch | 2 Typo3, Wec Discussion | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011. | ||||
| CVE-2009-4710 | 2 Robert Heel, Typo3 | 2 Cwt Resetbepassword, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4949 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4956 | 2 Typo3, Wapplersystems | 2 Typo3, Ws Stats | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Visitor Tracking (ws_stats) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4953 | 2 Stefan Geith, Typo3 | 2 Sg Userdata, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Userdata Create/Edit (sg_userdata) extension before 0.91.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4965 | 2 Thomas Waggershauser, Typo3 | 2 Air Lexicon, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4967 | 2 Jochen Rieger, Typo3 | 2 Car, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4969 | 1 Typo3 | 2 Sbanner, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4889 | 2 Marco Hezel, Typo3 | 2 Hm Tinymarket, Typo3 | 2025-04-11 | N/A |
| Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2010-1012 | 2 Mathias Schreiber, Typo3 | 2 Nf Cleandb, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1013 | 2 Fr.simon Rundell, Typo3 | 2 Pd Diocesedatabase, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1014 | 2 Steffen Kamper, Typo3 | 2 Reports Logview, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1016 | 2 Laurent Foulloy, Typo3 | 2 Sav Filter Selectors, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1017 | 2 Laurent Foulloy, Typo3 | 2 Sav Filter Months, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||