CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6691
https://notcve.org/view.php?id=CVE-2008-6691
SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Vulnerabilidad de inyección SQL en Diocese of Portsmouth Calendar Today (pd_calendar_today) extensión v0.0.3 para TYPO3 permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores desconocidos. • http://osvdb.org/46388 http://secunia.com/advisories/30737 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1 http://www.securityfocus.com/bid/29819 https://exchange.xforce.ibmcloud.com/vulnerabilities/43206 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6699
https://notcve.org/view.php?id=CVE-2008-6699
Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Resource Library (tjs_reslib) v0.1.0 y anteriores (extensión de TYPO3), permite a usuarios remotos inyectar de forma arbitraria secuencias de comandos web o HTML a través vectores no especificados. • http://osvdb.org/46393 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1 http://www.securityfocus.com/bid/29832 https://exchange.xforce.ibmcloud.com/vulnerabilities/43211 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6686
https://notcve.org/view.php?id=CVE-2008-6686
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Vulnerabilidad de inyección SQL en CoolURI (cooluri) v1.0.11 y anteriores (extensión para TYPO3), permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores no específicos. • http://osvdb.org/46383 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1 http://www.securityfocus.com/bid/29821 https://exchange.xforce.ibmcloud.com/vulnerabilities/43197 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 32EXPL: 0CVE-2008-6688
https://notcve.org/view.php?id=CVE-2008-6688
Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en JobControl (dmmjobcontrol) v1.15.0 y anteriores (extensión para TYPO3) permite a usuarios remotos inyectar de forma arbitraria secuencias de comandos web o HTML a través de vectores no especificados. • http://osvdb.org/46385 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1 http://www.securityfocus.com/bid/29828 https://exchange.xforce.ibmcloud.com/vulnerabilities/43202 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6692
https://notcve.org/view.php?id=CVE-2008-6692
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Vulnerabilidad de inyección SQL en Diocese of Portsmouth Training Courses (pd_trainingcourses), extensión v0.1.1 para TYPO3, permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores desconocidos. • http://osvdb.org/46389 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1 http://www.securityfocus.com/bid/29822 https://exchange.xforce.ibmcloud.com/vulnerabilities/43207 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •