Search Results (554 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6460 2 Mirko Werner, Typo3 2 Mw Random Objects, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6689 2 Kevin Renskers, Typo3 2 Dmmjobcontrol, Typo3 2026-04-23 N/A
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-4167 2 Lukas Taferner, Typo3 2 It Basetag, Typo3 2026-04-23 N/A
Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors.
CVE-2009-4165 2 Simple Glossar, Typo3 2 Simple Glossar, Typo3 2026-04-23 N/A
SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2489 1 Typo3 1 Sg Zfelib 2026-04-23 N/A
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
CVE-2009-4163 2 Tw Productfinder, Typo3 2 Tw Productfinder, Typo3 2026-04-23 N/A
SQL injection vulnerability in the TW Productfinder (tw_productfinder) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4339 2 Stephan Vits, Typo3 2 Mf Subscription, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-4342 2 Melvin Mach, Typo3 2 Jobexchange, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Job Exchange (jobexchange) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2009-4344 2 Tobias Sommer, Typo3 2 Zid Linklist, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4345 2 Jonas Renggli, Typo3 2 Vshoutbox, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4346 2 Toni Milovan, Typo3 2 Fe Rtenews, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4390 2 Jochen Rieger, Typo3 2 Car, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4161 2 An Searchit, Typo3 2 An Searchit, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4391 2 Daniel Regelein, Typo3 2 Dr Blob, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4392 1 Typo3 2 Typo3, Xds Staff 2026-04-23 N/A
SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4393 2 Daniel Ptzinger, Typo3 2 Danp Documentdirs, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4399 2 Fr.simon Rundell, Typo3 2 Hs Religiousartgallery, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4394 2 Fr.simon Rundell, Typo3 2 Ste Prayer2, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6630 1 Typo3 2 Typo3, Wt Gallery 2026-04-23 N/A
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.
CVE-2008-3048 1 Typo3 1 Pdf Generator 2 Extension 2026-04-23 N/A
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."