CVE-2013-6288
https://notcve.org/view.php?id=CVE-2013-6288
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." Vunerabilidad sin especificar en Apache Solr para la extensión TYPO3 anterior a 2.8.3 con impacto y vectores de ataque desconocidos relacionados con "Deserializacióin Insegura" • http://secunia.com/advisories/54978 http://typo3.org/extensions/repository/view/solr http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009 http://www.securityfocus.com/bid/62674 •
CVE-2013-5569
https://notcve.org/view.php?id=CVE-2013-5569
SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión Slideshare v0.1.0 para TYPO3, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://osvdb.org/90417 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/82219 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2013-5570
https://notcve.org/view.php?id=CVE-2013-5570
Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-site scripting (XSS) en la extensión Javascript y CSS Optimizer anterior a v1.1.14 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://secunia.com/advisories/53253 http://typo3.org/extensions/repository/view/js_css_optimizer http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/81583 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-5322
https://notcve.org/view.php?id=CVE-2013-5322
SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión CoolURI 1.0.30 para TYPO3, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://osvdb.org/90415 http://secunia.com/advisories/52282 http://typo3.org/extensions/repository/view/cooluri http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-003 http://www.securityfocus.com/bid/58055 https://exchange.xforce.ibmcloud.com/vulnerabilities/82213 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2013-5323
https://notcve.org/view.php?id=CVE-2013-5323
Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en la extensión Static Info Tables (static_info_tables) anterior a 2.3.1 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://osvdb.org/90414 http://secunia.com/advisories/52283 http://typo3.org/extensions/repository/view/static_info_tables http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-004 http://www.securityfocus.com/bid/58056 https://exchange.xforce.ibmcloud.com/vulnerabilities/82212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •