Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (530 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4343 2 Dominic Eckart, Typo3 2 Trainincdb, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Training Company Database (trainincdb) extension 0.4.7 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4344 2 Tobias Sommer, Typo3 2 Zid Linklist, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the ZID Linkliste (zid_linklist) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4345 2 Jonas Renggli, Typo3 2 Vshoutbox, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4346 2 Toni Milovan, Typo3 2 Fe Rtenews, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4388 2 Frank Krger, Typo3 2 Nl Listman, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the ListMan (nl_listman) extension 1.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4390 2 Jochen Rieger, Typo3 2 Car, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4391 2 Daniel Regelein, Typo3 2 Dr Blob, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4392 1 Typo3 2 Typo3, Xds Staff 2025-04-09 N/A
SQL injection vulnerability in the XDS Staff List (xds_staff) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4394 2 Fr.simon Rundell, Typo3 2 Ste Prayer2, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4396 2 Fr.simon Rundell, Typo3 2 Pd Resources, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4399 2 Fr.simon Rundell, Typo3 2 Hs Religiousartgallery, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4400 2 Fr.simon Rundell, Typo3 2 Ste Parish Admin, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4401 2 Fr.simon Rundell, Typo3 2 Ste Parish Admin, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0322 2 Matthias Karr, Typo3 2 Mk Anydropdownmenu, Typo3 2025-04-09 N/A
SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0324 2 Patrick Bauerochse, Typo3 2 Ref List, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0325 2 Sebastian Baumann, Typo3 2 Sb Folderdownload, Typo3 2025-04-09 N/A
Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2010-0326 3 Francois Suter, Rene Fritz, Typo3 3 Devlog, Devlog, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0327 2 Julian Kleinhans, Typo3 2 Kj Imagelightbox2, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490.
CVE-2010-0328 2 Rastislav Birka, Typo3 2 Cs2 Unitconv, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0329 2 Alex Kellner, Typo3 2 Powermail, Typo3 2025-04-09 N/A
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."