|
267301
|
- |
|
alexandre_dubus
|
audistat
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) year and (2) mday parameters. NOTE: the pro…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1052
|
2010-03-23 13:00 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267302
|
- |
|
marcus_krause
|
t3sec_saltedpw
|
The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 allows remote attackers to bypass authentication via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2010-1022
|
2010-03-23 02:17 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267303
|
- |
|
sk-typo3
|
sk_simplegallery
|
Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1020
|
2010-03-23 01:58 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267304
|
- |
|
mathias_schreiber
|
nf_cleandb
|
SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1012
|
2010-03-23 00:04 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267305
|
- |
|
viewvc
|
viewvc
|
Cross-site scripting (XSS) vulnerability in the view_queryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0736
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267306
|
- |
|
mischa_heimann
|
yatse
|
SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1004
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267307
|
- |
|
mischa_heimann
|
yatse
|
Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1005
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267308
|
- |
|
typo3
|
brainstorming
|
SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-1006
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267309
|
- |
|
chi_hoang
|
ch_lightem
|
Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2010-1007
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267310
|
- |
|
christian_hennecke
|
chsellector
|
Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1008
|
2010-03-22 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
