CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2013-5323
https://notcve.org/view.php?id=CVE-2013-5323
Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en la extensión Static Info Tables (static_info_tables) anterior a 2.3.1 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://osvdb.org/90414 http://secunia.com/advisories/52283 http://typo3.org/extensions/repository/view/static_info_tables http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-004 http://www.securityfocus.com/bid/58056 https://exchange.xforce.ibmcloud.com/vulnerabilities/82212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5302
https://notcve.org/view.php?id=CVE-2013-5302
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión Faceted Search (ke_search) anterior a v1.4.1 para TYPO3 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante vectores desconocidos. • http://osvdb.org/95959 http://secunia.com/advisories/54306 http://typo3.org/extensions/repository/view/ke_search http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013 http://www.securityfocus.com/bid/61609 https://exchange.xforce.ibmcloud.com/vulnerabilities/86235 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2013-5308
https://notcve.org/view.php?id=CVE-2013-5308
Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-site scripting (XSS) en la extensión RealURL Management (realurlmanagement) v0.3.4 y anteriores para TYPO3, permite a atacantes remotos inyectar web scripts arbitrarios o HTML mediante vectores desconocidos. • http://osvdb.org/95958 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013 http://www.securityfocus.com/bid/61654 https://exchange.xforce.ibmcloud.com/vulnerabilities/86237 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2013-5304
https://notcve.org/view.php?id=CVE-2013-5304
SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión Store Locator (locator) anterior a v3.1.5 para TYPO3 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante vectores desconocidos. • http://osvdb.org/95962 http://secunia.com/advisories/54350 http://typo3.org/extensions/repository/view/locator http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013 http://www.securityfocus.com/bid/61606 https://exchange.xforce.ibmcloud.com/vulnerabilities/86230 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-5310
https://notcve.org/view.php?id=CVE-2013-5310
SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión DB Integration (wfqbe) anterior a v2.0.1 para TYPO3 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante vectores desconocidos. • http://osvdb.org/95957 http://typo3.org/extension-manuals/wfqbe/2.0.1/view/1/5 http://typo3.org/extensions/repository/view/wfqbe http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013 http://www.securityfocus.com/bid/61653 https://exchange.xforce.ibmcloud.com/vulnerabilities/86238 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •