CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4719
https://notcve.org/view.php?id=CVE-2013-4719
SQL injection vulnerability in the SEO Pack for tt_news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad SQL injection en el SEO Pack para la extensión tt_news anterior a v1.3.3 para TYPO3 permite a atacantes remotos ejecutar código arbitrario SQL a través de vectores sin especificar. • http://secunia.com/advisories/53283 http://typo3.org/extensions/repository/view/lonewsseo http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/81574 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4720
https://notcve.org/view.php?id=CVE-2013-4720
SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión WEC Discussion Forum anterior a v2.1.2 para TYPO3 permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores no especificados. • http://osvdb.org/90413 http://typo3.org/extensions/repository/view/wec_discussion http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-005 http://www.securityfocus.com/bid/58054 https://exchange.xforce.ibmcloud.com/vulnerabilities/82217 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4721
https://notcve.org/view.php?id=CVE-2013-4721
SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en el feed RSS de extensión de los registros v1.0.0 y versiones anteriores para TYPO3 permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores no especificados. • http://osvdb.org/90411 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/82218 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.0EPSS: 0%CPEs: 20EXPL: 0CVE-2012-6577
https://notcve.org/view.php?id=CVE-2012-6577
SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión Formhandler anterior a 1.4.1 para TYPO3, permite a usuarios autenticados remotamente con determinados permisos la ejecución de comandos SQL arbitrarios a través de vectores no especificados. • http://typo3.org/extensions/repository/view/formhandler http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-012 https://exchange.xforce.ibmcloud.com/vulnerabilities/79670 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0CVE-2013-4680
https://notcve.org/view.php?id=CVE-2013-4680
Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión "Maag Form Captcha" v2.0.0 y anteriores para TYPO3 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://osvdb.org/93818 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-007 http://www.securityfocus.com/bid/60298 https://exchange.xforce.ibmcloud.com/vulnerabilities/84670 •