| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-6233 | 7.5 |
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6235 | 7.5 |
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6234 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Open Graph protocol (jh_opengraphprotocol) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6241 | 7.5 |
SQL injection vulnerability in the wt_directory extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6236 | 7.5 |
Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6232 | 4.0 |
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6237 | 3.5 |
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6231 | 7.5 |
Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6238 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB Folderdownload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
| CVE-2014-6239 | 7.5 |
SQL injection vulnerability in the Address visualization with Google Maps (st_address_map) extension before 0.3.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
11-09-2014 - 19:48 | 11-09-2014 - 14:16 | |
| CVE-2014-6240 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar_googlesitemap) extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
11-09-2014 - 17:06 | 11-09-2014 - 14:16 |