Shodan
Vulnerabilities
Vulnerable Software
Typo3:  >> Typo3  >> 4.1.13  Security Vulnerabilities
CVE-2008-6694
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-04-10
CVE-2008-6695
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
7.5
EPSS Score
0.007
Published
2009-04-10
CVE-2008-6696
SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-04-10
CVE-2008-6697
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-04-10
CVE-2008-6698
Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2009-04-10
CVE-2008-6699
Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2009-04-10
CVE-2009-1264
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
CVSS Score
4.0
EPSS Score
0.004
Published
2009-04-07
CVE-2008-6630
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.003
Published
2009-04-07
CVE-2008-6456
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-03-13
CVE-2008-6457
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-03-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved