CVEDB API

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.1.0 Security Vulnerabilities

CVE-2010-1026

SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1027

SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1004

SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1005

Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2010-03-19

CVE-2010-1006

SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1007

Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.

CVSS Score

5.0

EPSS Score

0.003

Published

2010-03-19

CVE-2010-1008

Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2010-03-19

CVE-2010-1009

SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1010

SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-03-19

CVE-2010-1011

Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2010-03-19

Prev Next

Page 10

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.1.0 Security Vulnerabilities

Products

Pricing

Contact Us