Filtered by vendor Typo3
Subscriptions
Filtered by product Typo3
Subscriptions
Total
441 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0345 | 1 Typo3 | 2 Majordomo, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0344 | 1 Typo3 | 2 Typo3, Zak Store Management | 2025-04-11 | N/A |
| SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4885 | 2 Peter Proell, Typo3 | 2 Xing, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the XING Button (xing) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0342 | 1 Typo3 | 2 Job Reports, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-7075 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parameter, related to a "missing signature." | ||||
| CVE-2010-0346 | 1 Typo3 | 2 Mimi Tipfriends, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0347 | 1 Typo3 | 2 Typo3, Vd Gemomap | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0350 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | ||||
| CVE-2010-0797 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0798 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1006 | 1 Typo3 | 2 Brainstorming, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1007 | 2 Chi Hoang, Typo3 | 2 Ch Lightem, Typo3 | 2025-04-11 | N/A |
| Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2010-1009 | 2 Joachim-ruhs, Typo3 | 2 Educator, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1010 | 2 Matthias Kall, Typo3 | 2 Mk Wastebasket, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1011 | 2 Tim Lochmueller, Typo3 | 2 Mydashboard, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1012 | 2 Mathias Schreiber, Typo3 | 2 Nf Cleandb, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1014 | 2 Steffen Kamper, Typo3 | 2 Reports Logview, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1015 | 2 Laurent Foulloy, Typo3 | 2 Sav Filter Abc, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-4887 | 2 Raphael Zschorsch, Typo3 | 2 Commentsbe, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||