Typo3 CVEs and Security Vulnerabilities

Export limit exceeded: 341412 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (477 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2009-4393	2 Daniel Ptzinger, Typo3	2 Danp Documentdirs, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4394	2 Fr.simon Rundell, Typo3	2 Ste Prayer2, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4395	2 Fr.simon Rundell, Typo3	2 Ste Prayer2, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4396	2 Fr.simon Rundell, Typo3	2 Pd Resources, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4397	2 Fr.simon Rundell, Typo3	2 Pd Resources, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4398	2 Fr.simon Rundell, Typo3	2 Hs Religiousartgallery, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4399	2 Fr.simon Rundell, Typo3	2 Hs Religiousartgallery, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4400	2 Fr.simon Rundell, Typo3	2 Ste Parish Admin, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4401	2 Fr.simon Rundell, Typo3	2 Ste Parish Admin, Typo3	2025-04-09	N/A
SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6695	2 Frank Naegler, Typo3	2 Timtab Sociable, Typo3	2025-04-09	N/A
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6694	2 Fr.simon Rundell, Typo3	2 Ste Prayer, Typo3	2025-04-09	N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6693	2 Sebastian Baumann, Typo3	2 Sb Downloader, Typo3	2025-04-09	N/A
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6692	2 Fr.simon Rundell, Typo3	2 Pd Trainingcourses, Typo3	2025-04-09	N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6691	2 Diocese Of Portsmouth, Typo3	2 Pd Calendar Today, Typo3	2025-04-09	N/A
SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6690	1 Typo3	2 Nd Antispam, Typo3	2025-04-09	N/A
Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors.
CVE-2008-6689	2 Kevin Renskers, Typo3	2 Dmmjobcontrol, Typo3	2025-04-09	N/A
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6687	2 David Cadu, Typo3	2 Dcdgooglemap, Typo3	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6686	2 Jan Bednarik, Typo3	2 Cooluri, Typo3	2025-04-09	N/A
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6685	2 Thomas Waggershauser, Typo3	2 Air Filemanager, Typo3	2025-04-09	N/A
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2008-6630	1 Typo3	2 Typo3, Wt Gallery	2025-04-09	N/A
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.

« first previous Page 20 of 24. next last »