CVEDB API

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.1.13 Security Vulnerabilities

CVE-2009-4398

Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-22

CVE-2009-4399

SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2009-12-22

CVE-2009-4400

Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-22

CVE-2009-4401

SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2009-12-22

CVE-2009-4342

SQL injection vulnerability in the Job Exchange (jobexchange) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2009-12-17

CVE-2009-4343

Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-17

CVE-2009-4344

Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-17

CVE-2009-4345

Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-17

CVE-2009-4346

Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.002

Published

2009-12-17

CVE-2009-4336

Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-12-17

Prev Next

Page 17

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.1.13 Security Vulnerabilities

Products

Pricing

Contact Us