CVEDB API

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.5.13 Security Vulnerabilities

CVE-2009-4963

Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

3.5

EPSS Score

0.002

Published

2010-07-28

CVE-2009-4965

SQL injection vulnerability in the AIRware Lexicon (air_lexicon) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4966

SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4967

SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4968

SQL injection vulnerability in the Event Registration (event_registr) extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4969

SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4970

SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4971

SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4959

SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-28

CVE-2009-4955

SQL injection vulnerability in the ultraCards (th_ultracards) extension before 0.5.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.004

Published

2010-07-22

Prev Next

Page 9

Vulnerabilities

Vulnerable Software

Typo3: >> Typo3 >> 4.5.13 Security Vulnerabilities

Products

Pricing

Contact Us