Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4957
SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension prior to 2.2.3 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Nadine Schwingler Ke Questionnaire 2.0.0
Nadine Schwingler Ke Questionnaire 1.2.1
Nadine Schwingler Ke Questionnaire
7.5
CVSSv2
CVE-2010-4961
SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension prior to 1.1.4 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Dev-team Typoheads Webkitpdf
Dev-team Typoheads Webkitpdf 1.0.2
Dev-team Typoheads Webkitpdf 1.1.0
Dev-team Typoheads Webkitpdf 1.1.1
Dev-team Typoheads Webkitpdf 1.1.2
7.5
CVSSv2
CVE-2010-4887
SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Raphael Zschorsch Commentsbe
7.5
CVSSv2
CVE-2010-4891
SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension prior to 1.1.2 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Andreas Kiefer Ke Yac 1.0.3
Andreas Kiefer Ke Yac 1.0.5
Andreas Kiefer Ke Yac
Andreas Kiefer Ke Yac 1.0.4
Andreas Kiefer Ke Yac 1.1.0
7.5
CVSSv2
CVE-2010-4888
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Marco Hezel Hm Tinymarket
7.5
CVSSv2
CVE-2011-3980
Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and previous versions for TYPO3 allows remote malicious users to upload arbitrary files via unknown vectors.
Jerome Schneider Ameos Dragndropupload
Jerome Schneider Ameos Dragndropupload 2.0.1
Jerome Schneider Ameos Dragndropupload 2.0.0
7.5
CVSSv2
CVE-2011-1722
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and previous versions for TYPO3 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.
Webempoweredchurch Wec Discussion 2.0.3
Webempoweredchurch Wec Discussion 2.0.2
Webempoweredchurch Wec Discussion 1.6.1
Webempoweredchurch Wec Discussion 1.6.0
Webempoweredchurch Wec Discussion 1.6.2
Webempoweredchurch Wec Discussion 1.6.3
Webempoweredchurch Wec Discussion 2.0.1
Webempoweredchurch Wec Discussion
Webempoweredchurch Wec Discussion 1.7.0
Webempoweredchurch Wec Discussion 2.0.4
7.5
CVSSv2
CVE-2010-3604
SQL injection vulnerability in the powermail extension 1.5.3 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Alex Kellner Powermail 1.0.3
Alex Kellner Powermail 1.0.4
Alex Kellner Powermail 1.1.0
Alex Kellner Powermail 1.1.7
Alex Kellner Powermail 1.1.6
Alex Kellner Powermail 1.1.5
Alex Kellner Powermail 1.3.4
Alex Kellner Powermail 1.3.5
Alex Kellner Powermail 1.3.6
Alex Kellner Powermail 1.3.7
Alex Kellner Powermail 1.3.8
Alex Kellner Powermail 1.4.6
Alex Kellner Powermail 1.4.5
Alex Kellner Powermail 1.4.8
Alex Kellner Powermail 1.4.7
Alex Kellner Powermail 1.0.6
Alex Kellner Powermail 1.0.5
Alex Kellner Powermail 1.0.12
Alex Kellner Powermail 1.0.11
Alex Kellner Powermail 1.0.10
Alex Kellner Powermail 1.2.0
Alex Kellner Powermail 1.2.1
7.5
CVSSv2
CVE-2009-4959
SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Stefan Koch T3m
7.5
CVSSv2
CVE-2009-4966
SQL injection vulnerability in the AST ZipCodeSearch (ast_addresszipsearch) extension 0.5.4 for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Elemente Ast Addresszipsearch 0.5.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »