Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2010-01-15...
SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/
SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2010-01-15 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/