Filtered by vendor Typo3
Subscriptions
Total
527 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1021 | 2 Mads Brunn, Typo3 | 2 T3quixplorer, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-6577 | 2 Typo3, Typoheads | 2 Typo3, Formhandler | 2025-04-11 | N/A |
| SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1020 | 2 Sk-typo3, Typo3 | 2 Sk Simplegallery, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3531 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1019 | 2 Sk-typo3, Typo3 | 2 Sk Simplegallery, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4634 | 2 Raphael Zschorsch, Typo3 | 2 Rzautocomplete, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the jQuery autocomplete for indexed_search (rzautocomplete) extension before 0.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4680 | 2 Typo3, Urs Maag | 2 Typo3, Maag Form Captcha | 2025-04-11 | N/A |
| Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-4681 | 2 Michael Staatz, Typo3 | 2 Sofortueberweisung2commerce, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4682 | 2 Bas Van Beek, Typo3 | 2 Multishop, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4683 | 2 Christophe Balisky, Typo3 | 2 Meta Feedit, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the meta_feedit extension 0.1.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1018 | 2 Jochen Rau, Typo3 | 2 Sk Bookreview, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4720 | 2 Typo3, Webempoweredchurch | 2 Typo3, Wec Discussion | 2025-04-11 | N/A |
| SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4746 | 2 Kurt Gusbeth, Typo3 | 2 Myquizpoll, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4748 | 2 Georg Ringer, Typo3 | 2 News, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4870 | 2 News Search Project, Typo3 | 2 News Search, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the News Search (news_search) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4871 | 2 Markus Blaschke, Typo3 | 2 Tq Seo, Typo3 | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension before 5.0.1 for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-5303 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | ||||
| CVE-2013-5304 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-5305 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5570 | 2 Axel Jung, Typo3 | 2 Js Css Optimizer, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||