|
277341
|
- |
|
wec_map_project
|
wec_map
|
Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-6296
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277342
|
- |
|
wec_map_project
|
wec_map
|
SQL injection vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-6295
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277343
|
- |
|
external_links_click_statistics_project
|
external_links_click_statistics
|
Cross-site scripting (XSS) vulnerability in the External links click statistics (outstats) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6294
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277344
|
- |
|
kennziffer
|
statistics
|
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild i…
|
CWE-89
SQL Injection
|
CVE-2014-6293
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277345
|
- |
|
in2code
|
femanager
|
The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-6292
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277346
|
- |
|
alphabetic_sitemap_project
|
alphabetic_sitemap
|
Cross-site scripting (XSS) vulnerability in the Alphabetic Sitemap (alpha_sitemap) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6291
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277347
|
- |
|
news_project
|
news
|
The News (tt_news) extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue.
|
CWE-20
Improper Input Validation
|
CVE-2014-6290
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277348
|
- |
|
michael_knoll
daniel_lienert
|
tools_for_extbase_developmen
yet_another_gallery
|
The Ajax dispatcher for Extbase in the Yet Another Gallery (yag) extension before 3.0.1 and Tools for Extbase development (pt_extbase) extension before 1.5.1 allows remote attackers to bypass access …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6289
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277349
|
- |
|
alex_kellner
|
powermail
|
The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6288
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277350
|
- |
|
openstack
canonical
|
neutron
ubuntu_linux
|
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6414
|
2024-11-21 11:14 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
