Typo3 CVEs and Security Vulnerabilities

Filtered by vendor Typo3 Subscriptions

Filtered by product Typo3 Subscriptions

Search

Switch to Advanced Search (Beta)

Total 462 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2009-4341	2 Mischa Heissmann, Typo3	2 No Indexed Search, Typo3	2025-04-09	N/A
SQL injection vulnerability in the No indexed Search (no_indexed_search) extension 0.2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-4342	2 Melvin Mach, Typo3	2 Jobexchange, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Job Exchange (jobexchange) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-4343	2 Dominic Eckart, Typo3	2 Trainincdb, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4344	2 Tobias Sommer, Typo3	2 Zid Linklist, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4390	2 Jochen Rieger, Typo3	2 Car, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4391	2 Daniel Regelein, Typo3	2 Dr Blob, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4392	1 Typo3	2 Typo3, Xds Staff	2025-04-09	N/A
SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4394	2 Fr.simon Rundell, Typo3	2 Ste Prayer2, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4396	2 Fr.simon Rundell, Typo3	2 Pd Resources, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4399	2 Fr.simon Rundell, Typo3	2 Hs Religiousartgallery, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4400	2 Fr.simon Rundell, Typo3	2 Ste Parish Admin, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4388	2 Frank Krger, Typo3	2 Nl Listman, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6457	2 Typo3, Walnutstreet	2 Typo3, Cgswigmore	2025-04-09	N/A
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6456	2 Martin Helmich, Typo3	2 Hbook, Typo3	2025-04-09	N/A
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0328	2 Rastislav Birka, Typo3	2 Cs2 Unitconv, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6343	1 Typo3	2 Tu-clausthal Odin, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6341	1 Typo3	2 Sb Universal Plugin, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (SBuniplug) extension 2.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6340	2 Mathieu Vidal, Typo3	2 Mv Vox Populi, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6338	2 Typo3, Weber-ebusiness	2 Typo3, Wes Facilities	2025-04-09	N/A
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5798	1 Typo3	2 Cms Poll System Extension, Typo3	2025-04-09	N/A
SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

« first previous Page 14 of 24. next last »