|
297551
|
- |
|
typo3
|
terminal
|
Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims …
|
CWE-352
Origin Validation Error
|
CVE-2012-1083
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297552
|
- |
|
typo3
|
terminal
|
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1082
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297553
|
- |
|
roderick_braun
|
ya_googlesearch
|
Cross-site scripting (XSS) vulnerability in the Yet another Google search (ya_googlesearch) extension before 0.3.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1081
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297554
|
- |
|
typo3
|
skt_eurocalc
|
Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1080
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297555
|
- |
|
helmut_hummel
|
typo3_webservice
|
Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1079
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297556
|
- |
|
claus_due
|
sysutils
|
The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unspecified vectors related to improper "protection" of the "backup o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1078
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297557
|
- |
|
manfred_egger
|
bc_post2facebook
|
SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1077
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297558
|
- |
|
robert_gonda
|
rtg_files
|
Cross-site scripting (XSS) vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1076
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297559
|
- |
|
robert_gonda
|
rtg_files
|
SQL injection vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1075
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297560
|
- |
|
typo3
|
mm_whtppr
|
SQL injection vulnerability in the White Papers (mm_whtppr) extension 0.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1074
|
2024-11-21 10:36 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
