Filtered by vendor Typo3
Subscriptions
Filtered by product Typo3
Subscriptions
Total
477 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6457 | 2 Typo3, Walnutstreet | 2 Typo3, Cgswigmore | 2025-04-09 | N/A |
| SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-6690 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector. | ||||
| CVE-2008-6456 | 2 Martin Helmich, Typo3 | 2 Hbook, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6346 | 2 Dennis Royer, Typo3 | 2 Dr Wiki, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-3629 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-5069 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2009-4164 | 2 Simple Glossar, Typo3 | 2 Simple Glossar, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0322 | 2 Matthias Karr, Typo3 | 2 Mk Anydropdownmenu, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4401 | 2 Fr.simon Rundell, Typo3 | 2 Ste Parish Admin, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4400 | 2 Fr.simon Rundell, Typo3 | 2 Ste Parish Admin, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4399 | 2 Fr.simon Rundell, Typo3 | 2 Hs Religiousartgallery, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4396 | 2 Fr.simon Rundell, Typo3 | 2 Pd Resources, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4394 | 2 Fr.simon Rundell, Typo3 | 2 Ste Prayer2, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4392 | 1 Typo3 | 2 Typo3, Xds Staff | 2025-04-09 | N/A |
| SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4391 | 2 Daniel Regelein, Typo3 | 2 Dr Blob, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4346 | 2 Toni Milovan, Typo3 | 2 Fe Rtenews, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4344 | 2 Tobias Sommer, Typo3 | 2 Zid Linklist, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4343 | 2 Dominic Eckart, Typo3 | 2 Trainincdb, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4342 | 2 Melvin Mach, Typo3 | 2 Jobexchange, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the Job Exchange (jobexchange) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2009-4341 | 2 Mischa Heissmann, Typo3 | 2 No Indexed Search, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||