Filtered by vendor Typo3
Subscriptions
Filtered by product Typo3
Subscriptions
Total
473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1080 | 1 Typo3 | 2 Skt Eurocalc, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5890 | 2 Stanislas Rolland, Typo3 | 2 Sr Feuser Register, Typo3 | 2025-04-11 | N/A |
| The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature. | ||||
| CVE-2012-1076 | 2 Robert Gonda, Typo3 | 2 Rtg Files, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4970 | 2 Typo3, Typo3-macher | 2 Typo3, T3m Affiliate | 2025-04-11 | N/A |
| SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-4709 | 2 Dirk Maiwert, Typo3 | 2 Datamints Newsticker, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4719 | 2 Lina Wolf, Typo3 | 2 Seo Pack For Tt News, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the SEO Pack for tt_news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1075 | 2 Robert Gonda, Typo3 | 2 Rtg Files, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4721 | 2 3ds, Typo3 | 2 Push2rss 3ds, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4745 | 2 Kurt Gusbeth, Typo3 | 2 Myquizpoll, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4746 | 2 Kurt Gusbeth, Typo3 | 2 Myquizpoll, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1074 | 1 Typo3 | 2 Mm Whtppr, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the White Papers (mm_whtppr) extension 0.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4870 | 2 News Search Project, Typo3 | 2 News Search, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the News Search (news_search) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4871 | 2 Markus Blaschke, Typo3 | 2 Tq Seo, Typo3 | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension before 5.0.1 for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-5303 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | ||||
| CVE-2009-4969 | 1 Typo3 | 2 Sbanner, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1073 | 1 Typo3 | 2 Toi Category, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5306 | 2 Die-netzmacher, Typo3 | 2 Browser, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-5307 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5308 | 2 Juralsulek, Typo3 | 2 Realurlmanagement, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1072 | 1 Typo3 | 2 Toi Category, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||