Show filters
297 Total Results
Displaying 191-200 of 297
Sort by:
Attacker Value
Unknown

CVE-2009-4855

Disclosure Date: May 11, 2010 (last updated November 08, 2023)
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core.
0
0
Attacker Value
Unknown

CVE-2010-1153

Disclosure Date: April 20, 2010 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
0
0
Attacker Value
Unknown

CVE-2009-4740

Disclosure Date: March 26, 2010 (last updated October 04, 2023)
Directory traversal vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors.
0
0
Attacker Value
Unknown

CVE-2010-1020

Disclosure Date: March 19, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2010-1019

Disclosure Date: March 19, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2010-1006

Disclosure Date: March 19, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-4703

Disclosure Date: March 15, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-4704

Disclosure Date: March 15, 2010 (last updated October 04, 2023)
Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2010-0286

Disclosure Date: February 22, 2010 (last updated October 04, 2023)
Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication.
0
0
Attacker Value
Unknown

CVE-2010-0337

Disclosure Date: January 15, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
View More Topics  < Previous  Next >