Shodan
Vulnerabilities
Vulnerable Software
Typo3:  >> Typo3  >> 13.4.7  Security Vulnerabilities
CVE-2009-4959
SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-28
CVE-2009-4955
SQL injection vulnerability in the ultraCards (th_ultracards) extension before 0.5.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-22
CVE-2009-4956
Cross-site scripting (XSS) vulnerability in the Visitor Tracking (ws_stats) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2010-07-22
CVE-2009-4948
Cross-site scripting (XSS) vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2010-07-22
CVE-2009-4949
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-22
CVE-2009-4950
SQL injection vulnerability in the A21glossary Advanced Output (a21glossary_advanced_output) extension before 0.1.12 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-22
CVE-2009-4951
Unspecified vulnerability in the ClickStream Analyzer [output] (alternet_csa_out) extension 0.3.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2010-07-22
CVE-2009-4952
Directory traversal vulnerability in the Directory Listing (dir_listing) extension 1.1.0 and earlier for TYPO3 allows remote attackers to have an unspecified impact via unknown vectors.
CVSS Score
10.0
EPSS Score
0.005
Published
2010-07-22
CVE-2009-4953
Cross-site scripting (XSS) vulnerability in the Userdata Create/Edit (sg_userdata) extension before 0.91.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2010-07-22
CVE-2009-4954
SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2010-07-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved