Filtered by vendor Typo3 Subscriptions
Filtered by product Typo3 Subscriptions
Total 462 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-5310 2 Mauro Lorenzutti, Typo3 2 Wfqbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-3715 1 Typo3 1 Typo3 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (2) the backend.
CVE-2013-6289 2 Ingo Renner, Typo3 2 Apache Solr, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3604 2 Alex Kellner, Typo3 2 Powermail, Typo3 2025-04-11 N/A
SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-3714 1 Typo3 1 Typo3 2025-04-11 N/A
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2010-4885 2 Peter Proell, Typo3 2 Xing, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the XING Button (xing) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1026 2 Mathon Nicolas, Typo3 2 Tmsw Cleandb, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1025 2 Chris Wederka, Typo3 2 Tgm Newsletter, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1218 2 Mm Forum, Typo3 2 Mmforum, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the mm_forum extension 1.8.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1021 2 Mads Brunn, Typo3 2 T3quixplorer, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6288 2 Ingo Renner, Typo3 2 Apache Solr, Typo3 2025-04-11 N/A
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
CVE-2010-1024 2 Chris Wederka, Typo3 2 Tgm Newsletter, Typo3 2025-04-11 N/A
SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2131 2 Mario Matzulla, Typo3 2 Cal, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via iCalendar data.
CVE-2010-1018 2 Jochen Rau, Typo3 2 Sk Bookreview, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1017 2 Laurent Foulloy, Typo3 2 Sav Filter Months, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1019 2 Sk-typo3, Typo3 2 Sk Simplegallery, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-3530 1 Typo3 1 Typo3 2025-04-11 N/A
Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain HTML5 JavaScript events.
CVE-2013-4683 2 Christophe Balisky, Typo3 2 Meta Feedit, Typo3 2025-04-11 N/A
SQL injection vulnerability in the meta_feedit extension 0.1.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1015 2 Laurent Foulloy, Typo3 2 Sav Filter Abc, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1020 2 Sk-typo3, Typo3 2 Sk Simplegallery, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.