Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (527 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4962 2 Dev-team Typoheads, Typo3 2 Webkitpdf, Typo3 2025-04-11 N/A
Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2011-5080 2 Juergen Furrer, Typo3 2 Jftcaforms, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tceFunc.php in the Additional TCA Forms (jftcaforms) extension before 0.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1080 1 Typo3 2 Skt Eurocalc, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3528 1 Typo3 1 Typo3 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4960 2 Martin Hesse, Typo3 2 Mh Branchenbuch, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4634 2 Raphael Zschorsch, Typo3 2 Rzautocomplete, Typo3 2025-04-11 N/A
SQL injection vulnerability in the jQuery autocomplete for indexed_search (rzautocomplete) extension before 0.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4680 2 Typo3, Urs Maag 2 Typo3, Maag Form Captcha 2025-04-11 N/A
Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-4681 2 Michael Staatz, Typo3 2 Sofortueberweisung2commerce, Typo3 2025-04-11 N/A
SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4721 2 3ds, Typo3 2 Push2rss 3ds, Typo3 2025-04-11 N/A
SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4871 2 Markus Blaschke, Typo3 2 Tq Seo, Typo3 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension before 5.0.1 for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2010-4957 2 Nadine Schwingler, Typo3 2 Ke Questionnaire, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4953 2 Jw Calendar, Typo3 2 Jw Calendar, Typo3 2025-04-11 N/A
Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2013-5306 2 Die-netzmacher, Typo3 2 Browser, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5307 2 Kennziffer, Typo3 2 Ke Search, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-5308 2 Juralsulek, Typo3 2 Realurlmanagement, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-5569 2 Heiko Sudar, Typo3 2 Slideshare, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6288 2 Ingo Renner, Typo3 2 Apache Solr, Typo3 2025-04-11 N/A
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
CVE-2013-7077 1 Typo3 1 Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4956 2 Nadine Schwingler, Typo3 2 Ke Questionnaire, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4890 2 Andreas Kiefer, Typo3 2 Ke Yac, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.