Dmitry Dulepov

Pesquisador deUniversity of Basel
#2936de 53,640
85.8CVSS total
Vulnerabilidades · 13
Média
4
Alta
9
PT-2020-15898
4.3
2020-09-02
Typo3 · L10Nmgr · CVE-2020-25025
**Nome do software vulnerável e versões afetadas** Extensão TYPO3 l10nmgr, versões anteriores à 7.4.0 Extensão TYPO3 l10nmgr, versões 8.x anteriores à 8.7.0 Extensão TYPO3 l10nmgr, versões 9.x anteriores à 9.2.0 **Descrição** A vulnerabilidade permite a divulgação de informações relacionadas a campos traduzíveis. **Recomendações** Para versões anteriores à 7.4.0, atualize para a versão 7.4.0 ou posterior. Para versões 8.x anteriores à 8.7.0, atualize para a versão 8.7.0 ou posterior. Para versões 9.x anteriores à 9.2.0, atualize para a versão 9.2.0 ou posterior.
PT-2016-4001
5.4
2016-01-08
Typo3 · Typo3 · CVE-2015-8756
**Name of the Vulnerable Software and Affected Versions** TYPO3 versions 6.2.x through 6.2.15 **Description** A cross-site scripting (XSS) issue exists in the Indexed Search component, specifically in the search result view, allowing remote authenticated editors to inject arbitrary web script or HTML. **Recommendations** For versions 6.2.x through 6.2.15, update to version 6.2.16 or later to resolve the issue.
PT-2009-2157
4.3
2009-04-10
Dmm · Jobcontrol · CVE-2008-6688
**Name of the Vulnerable Software and Affected Versions** JobControl (dmmjobcontrol) version 1.15.0 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For JobControl (dmmjobcontrol) version 1.15.0 and earlier, update to a version later than 1.15.0 to resolve the issue.
PT-2009-2158
7.5
2009-04-10
Dmm · Dmmjobcontrol · CVE-2008-6689
**Name of the Vulnerable Software and Affected Versions** dmmjobcontrol versions 1.15.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions 1.15.0 and earlier, update to a version later than 1.15.0 to resolve the issue.
PT-2009-2159
7.5
2009-04-10
Nepa Design.De · Nd Antispam · CVE-2008-6690
**Name of the Vulnerable Software and Affected Versions** nepa-design.de Spam Protection (nd antispam) extension version 1.0.3 **Description** The issue allows remote attackers to modify configuration via unknown vectors. **Recommendations** For nepa-design.de Spam Protection (nd antispam) extension version 1.0.3, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2009-2161
7.5
2009-04-10
Diocese Of Portsmouth · Pd Trainingcourses · CVE-2008-6692
**Name of the Vulnerable Software and Affected Versions** Diocese of Portsmouth Training Courses (pd trainingcourses) extension version 0.1.1 for TYPO3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For version 0.1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-2154
7.5
2009-04-10
Typo3 · Air Filemanager · CVE-2008-6685
**Name of the Vulnerable Software and Affected Versions** TYPO3 extension air filemanager versions 0.6.1 and earlier **Description** The issue allows remote attackers to execute arbitrary commands. The exact vectors used for the attack are not specified. **Recommendations** For versions 0.6.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-2163
7.5
2009-04-10
Typo3 · Typo3 · CVE-2008-6694
**Name of the Vulnerable Software and Affected Versions** Random Prayer (ste prayer) version 0.0.1 for TYPO3 **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For version 0.0.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-2165
7.5
2009-04-10
Unknown · Fussballtippspiel · CVE-2008-6696
**Name of the Vulnerable Software and Affected Versions** Fussballtippspiel (toto) versions 0.1.1 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions 0.1.1 and earlier, update to a version that contains a fix for this issue.
PT-2009-2166
7.5
2009-04-10
Target E · Target-E Worldcup Bets · CVE-2008-6697
**Name of the Vulnerable Software and Affected Versions** TARGET-E WorldCup Bets (worldcup) versions 2.0.0 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions 2.0.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-2167
4.3
2009-04-10
Target E · Target-E Worldcup Bets · CVE-2008-6698
**Name of the Vulnerable Software and Affected Versions** TARGET-E WorldCup Bets (worldcup) versions 2.0.0 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unknown vectors, potentially affecting the security of the system. **Recommendations** For versions 2.0.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-2162
7.5
2009-04-10
Typo3 · Typo3 · CVE-2008-6693
**Name of the Vulnerable Software and Affected Versions** TYPO3 Download system (sb downloader) extension versions 0.1.4 and earlier **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions 0.1.4 and earlier, update to a version later than 0.1.4 to resolve the issue.
PT-2009-2155
7.5
2009-04-10
Cooluri · Cooluri · CVE-2008-6686
**Name of the Vulnerable Software and Affected Versions** CoolURI (cooluri) versions 1.0.11 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For CoolURI (cooluri) versions 1.0.11 and earlier, update to a version later than 1.0.11 to resolve the issue.