Filtered by vendor Typo3
Subscriptions
Total
521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2275 | 1 Typo3 | 1 Sr Feuser Register Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors. | ||||
| CVE-2008-3053 | 1 Typo3 | 1 Sql Frontend Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2274 | 1 Typo3 | 1 Sr Feuser Register Extension | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3050 | 1 Typo3 | 1 Pdf Generator 2 Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2008-3047 | 1 Typo3 | 1 Kb Unpack Extension | 2025-04-09 | N/A |
| Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors. | ||||
| CVE-2008-3046 | 1 Typo3 | 1 Packman Extension | 2025-04-09 | N/A |
| Incomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3 has unknown impact and attack vectors. | ||||
| CVE-2008-3045 | 1 Typo3 | 1 Industry Database | 2025-04-09 | N/A |
| Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity." | ||||
| CVE-2008-3044 | 1 Typo3 | 1 News Calendar Extension | 2025-04-09 | N/A |
| SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-3042 | 1 Typo3 | 1 Dam Frontend Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling." | ||||
| CVE-2009-0256 | 1 Typo3 | 1 Typo3 | 2025-04-09 | N/A |
| Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication. | ||||
| CVE-2010-0322 | 2 Matthias Karr, Typo3 | 2 Mk Anydropdownmenu, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0323 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2025-04-09 | N/A |
| Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | ||||
| CVE-2010-0326 | 3 Francois Suter, Rene Fritz, Typo3 | 3 Devlog, Devlog, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0328 | 2 Rastislav Birka, Typo3 | 2 Cs2 Unitconv, Typo3 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0329 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2025-04-09 | N/A |
| SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | ||||
| CVE-2008-3041 | 1 Typo3 | 1 Dam Frontend Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "broken access control." | ||||
| CVE-2008-3040 | 1 Typo3 | 1 Dam Frontend Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2008-3037 | 1 Typo3 | 1 Address Directory | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3032 | 1 Typo3 | 1 Phpmyadmin | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||