Security Advisories
All Advisories
SECURITY-BULLETIN-TYPO3-20080527-2-SQL-INJECTION-IN-EXTENSION-LIBRARY-FOR-FRONTEND-PLUGINS-SG-ZFELIB: Security Bulletin TYPO3-20080527-2: SQL Injection in extension "Library for Frontend plugins" (sg_zfelib)
It has been discovered that the extension "Library for Frontend plugins" (sg_zfelib) is susceptible to SQL Injections.
Read moreSECURITY-BULLETIN-TYPO3-20080527-1-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-KJ-IMAGE-LIGHTBOX-V2-KJ-IMAGELIGHTBOX2: Security Bulletin TYPO3-20080527-1: Cross Site Scripting vulnerability in extension "KJ: Image Lightbox v2" (kj_imagelightbox2)
It has been discovered that the extension "KJ: Image Lightbox v2" (kj_imagelightbox2) is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080527-1: Cross Site Scripting vulnerability in extension "KJ: Image Lightbox v2" (kj_imagelightbox2)
It has been discovered that the extension "KJ: Image Lightbox v2" (kj_imagelightbox2) is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080515-1: Multiple vulnerabilities in extension Frontend User Registration (sr_feuser_register)
It has been discovered that the extension Frontend User Registration (sr_feuser_register) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Command Execution.
TYPO3-20080515-2: Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)
It has been discovered that the extension Frontend Filemanager (air_filemanager) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
SECURITY-BULLETIN-TYPO3-20080515-2-MULTIPLE-VULNERABILITIES-IN-EXTENSION-FRONTEND-FILEMANAGER-AIR-FILEMANAGER: Security Bulletin TYPO3-20080515-2: Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)
It has been discovered that the extension Frontend Filemanager (air_filemanager) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
SECURITY-BULLETIN-TYPO3-20080515-1-MULTIPLE-VULNERABILITIES-IN-EXTENSION-FRONTEND-USER-REGISTRATION-SR-FEUSER-REGISTER: Security Bulletin TYPO3-20080515-1: Multiple vulnerabilities in extension Frontend User Registration (sr_feuser_register)
It has been discovered that the extension Frontend User Registration (sr_feuser_register) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Command Execution.
TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)
It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.
TYPO3-20080513-3: Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)
It has been discovered that the extension Event Database (rlmp_eventdb) is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080513-2: Cross Site Scripting vulnerability in extension Questionaire (pbsurvey)
It has been discovered that the extension Questionaire (pbsurvey) is susceptible to Cross Site Scripting (XSS) attacks.