Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4961
SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension prior to 1.1.4 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Dev-team Typoheads Webkitpdf
Dev-team Typoheads Webkitpdf 1.0.2
Dev-team Typoheads Webkitpdf 1.1.0
Dev-team Typoheads Webkitpdf 1.1.1
Dev-team Typoheads Webkitpdf 1.1.2
7.5
CVSSv2
CVE-2010-4962
Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension prior to 1.1.4 for TYPO3 allows remote malicious users to execute arbitrary commands via unknown vectors.
Dev-team Typoheads Webkitpdf
Dev-team Typoheads Webkitpdf 1.1.2
Dev-team Typoheads Webkitpdf 1.1.1
Dev-team Typoheads Webkitpdf 1.1.0
Dev-team Typoheads Webkitpdf 1.0.2
7.5
CVSSv2
CVE-2010-4888
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Marco Hezel Hm Tinymarket
7.5
CVSSv2
CVE-2010-4887
SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Raphael Zschorsch Commentsbe
7.5
CVSSv2
CVE-2010-4891
SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension prior to 1.1.2 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Andreas Kiefer Ke Yac 1.0.3
Andreas Kiefer Ke Yac 1.0.5
Andreas Kiefer Ke Yac
Andreas Kiefer Ke Yac 1.0.4
Andreas Kiefer Ke Yac 1.1.0
7.5
CVSSv2
CVE-2011-3980
Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and previous versions for TYPO3 allows remote malicious users to upload arbitrary files via unknown vectors.
Jerome Schneider Ameos Dragndropupload
Jerome Schneider Ameos Dragndropupload 2.0.1
Jerome Schneider Ameos Dragndropupload 2.0.0
7.5
CVSSv2
CVE-2011-1722
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and previous versions for TYPO3 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.
Webempoweredchurch Wec Discussion 2.0.3
Webempoweredchurch Wec Discussion 2.0.2
Webempoweredchurch Wec Discussion 1.6.1
Webempoweredchurch Wec Discussion 1.6.0
Webempoweredchurch Wec Discussion 1.6.2
Webempoweredchurch Wec Discussion 1.6.3
Webempoweredchurch Wec Discussion 2.0.1
Webempoweredchurch Wec Discussion
Webempoweredchurch Wec Discussion 1.7.0
Webempoweredchurch Wec Discussion 2.0.4
7.5
CVSSv2
CVE-2010-3604
SQL injection vulnerability in the powermail extension 1.5.3 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Alex Kellner Powermail 1.0.3
Alex Kellner Powermail 1.0.4
Alex Kellner Powermail 1.1.0
Alex Kellner Powermail 1.1.7
Alex Kellner Powermail 1.1.6
Alex Kellner Powermail 1.1.5
Alex Kellner Powermail 1.3.4
Alex Kellner Powermail 1.3.5
Alex Kellner Powermail 1.3.6
Alex Kellner Powermail 1.3.7
Alex Kellner Powermail 1.3.8
Alex Kellner Powermail 1.4.6
Alex Kellner Powermail 1.4.5
Alex Kellner Powermail 1.4.8
Alex Kellner Powermail 1.4.7
Alex Kellner Powermail 1.0.6
Alex Kellner Powermail 1.0.5
Alex Kellner Powermail 1.0.12
Alex Kellner Powermail 1.0.11
Alex Kellner Powermail 1.0.10
Alex Kellner Powermail 1.2.0
Alex Kellner Powermail 1.2.1
7.5
CVSSv2
CVE-2009-4967
SQL injection vulnerability in the Car (car) extension prior to 0.1.1 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Jochen Rieger Car
7.5
CVSSv2
CVE-2009-4969
SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Typo3 Sbanner 1.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »