Vulnerabilities (CVE)

Filtered by vendor Typo3 Subscribe
Filtered by product Typo3
Total 437 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6697 2 Michael Fritz, Typo3 2 Worldcup, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6696 2 Manu Oehler, Typo3 2 Toto, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6695 2 Frank Naegler, Typo3 2 Timtab Sociable, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6694 2 Fr.simon Rundell, Typo3 2 Ste Prayer, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6693 2 Sebastian Baumann, Typo3 2 Sb Downloader, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6692 2 Fr.simon Rundell, Typo3 2 Pd Trainingcourses, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6691 2 Diocese Of Portsmouth, Typo3 2 Pd Calendar Today, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6690 1 Typo3 2 Nd Antispam, Typo3 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors.
CVE-2008-6689 2 Kevin Renskers, Typo3 2 Dmmjobcontrol, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6688 2 Kevin Renskers, Typo3 2 Dmmjobcontrol, Typo3 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6687 2 David Cadu, Typo3 2 Dcdgooglemap, Typo3 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6686 2 Jan Bednarik, Typo3 2 Cooluri, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6685 2 Thomas Waggershauser, Typo3 2 Air Filemanager, Typo3 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2008-6630 1 Typo3 2 Typo3, Wt Gallery 2024-11-21 7.8 HIGH N/A
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.
CVE-2008-6463 2 Fr.simon Rundell, Typo3 2 Pd Churchsearch, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6462 2 Kurt Gusbeth, Typo3 2 Myquizpoll, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6461 2 Fr.simon Rundell, Typo3 2 Ste Prayer2, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6460 2 Mirko Werner, Typo3 2 Mw Random Objects, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6459 1 Typo3 2 Autobeuser, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6458 2 Dieter Mayer, Typo3 2 Fe Address Edit, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.