Guide Schmechel

#4950of 53,633
53.5Total CVSS
Vulnerabilities · 8
Medium
3
High
5
PT-2011-1885
7.5
2011-10-09
Typo3 · Typo3 Event · CVE-2010-4950
**Name of the Vulnerable Software and Affected Versions** TYPO3 Event (event) extension versions prior to 0.3.7 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions prior to 0.3.7, update to version 0.3.7 or later to resolve the issue.
PT-2011-1886
4.3
2011-10-09
Typo3 · Vx Xajax Shoutbox · CVE-2010-4951
**Name of the Vulnerable Software and Affected Versions** TYPO3 extension vx xajax shoutbox version 1.0.0 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. **Recommendations** For version 1.0.0, update to version 1.0.1 or later to resolve the issue.
PT-2011-1887
7.5
2011-10-09
Typo3 · Festat · CVE-2010-4952
**Name of the Vulnerable Software and Affected Versions** TYPO3 extension festat versions prior to 0.2.4 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions prior to 0.2.4, update to version 0.2.4 or later to resolve the issue.
PT-2011-1888
10
2011-10-09
Typo3 · Typo3 Jw Calendar Extension · CVE-2010-4953
**Name of the Vulnerable Software and Affected Versions** TYPO3 jw calendar extension versions 1.3.20 and earlier **Description** The issue allows remote attackers to execute arbitrary code. The exact vectors used for the attack are not specified. **Recommendations** For versions 1.3.20 and earlier, update to a version later than 1.3.20 to resolve the issue.
PT-2011-1891
4.3
2011-10-09
Typo3 · Typo3 Questionnaire · CVE-2010-4956
**Name of the Vulnerable Software and Affected Versions** TYPO3 Questionnaire (ke questionnaire) extension versions prior to 2.2.3 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions prior to 2.2.3, update to version 2.2.3 or later to resolve the issue.
PT-2011-1892
7.5
2011-10-09
Typo3 · Typo3 Questionnaire · CVE-2010-4957
**Name of the Vulnerable Software and Affected Versions** TYPO3 Questionnaire (ke questionnaire) extension versions prior to 2.2.3 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions prior to 2.2.3, update to version 2.2.3 or later to resolve the issue.
PT-2011-1895
4.3
2011-10-09
Typo3 · Typo3 Branchenbuch Extension · CVE-2010-4960
**Name of the Vulnerable Software and Affected Versions** TYPO3 Branchenbuch extension versions prior to 0.9.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue.
PT-2011-1896
8.1
2011-10-09
Typo3 · Typo3 Webkitpdf Extension · CVE-2010-4961
**Name of the Vulnerable Software and Affected Versions** TYPO3 webkitpdf extension versions prior to 1.1.4 **Description** The issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions prior to 1.1.4, update to version 1.1.4 or later to resolve the issue.