Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (530 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6456 2 Martin Helmich, Typo3 2 Hbook, Typo3 2025-04-09 N/A
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6346 2 Dennis Royer, Typo3 2 Dr Wiki, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6344 1 Typo3 2 Tu-clausthal Staff, Typo3 2025-04-09 N/A
SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6343 1 Typo3 2 Tu-clausthal Odin, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6342 2 Lobacher Patrick, Typo3 2 Simplefilebrowser, Typo3 2025-04-09 N/A
Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2008-6340 2 Mathieu Vidal, Typo3 2 Mv Vox Populi, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6338 2 Typo3, Weber-ebusiness 2 Typo3, Wes Facilities 2025-04-09 N/A
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6145 1 Typo3 2 Typo3, Wec Discussion Forum 2025-04-09 N/A
Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6144 1 Typo3 2 Typo3, Wec Discussion Forum 2025-04-09 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029.
CVE-2008-5995 1 Typo3 2 Freecap Captcha Extension, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5801 1 Typo3 1 Dictionary Extension 2025-04-09 N/A
Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.
CVE-2008-5800 1 Typo3 2 Fsmi People, Wir Ber Uns Extension 2025-04-09 N/A
SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5799 1 Typo3 2 Typo3, Wir Ber Uns Extension 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Wir ber uns (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2344 1 Typo3 1 Air Filemanager 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6689 2 Kevin Renskers, Typo3 2 Dmmjobcontrol, Typo3 2025-04-09 N/A
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-5798 1 Typo3 2 Cms Poll System Extension, Typo3 2025-04-09 N/A
SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5797 1 Typo3 2 Advcalendar Extension, Typo3 2025-04-09 N/A
SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2275 1 Typo3 1 Sr Feuser Register Extension 2025-04-09 N/A
Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors.
CVE-2008-5096 1 Typo3 2 File List Extension, Typo3 2025-04-09 N/A
Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2008-5087 1 Typo3 2 Another Backend Login, Typo3 2025-04-09 N/A
SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.