Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar_googlesitemap) extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69571 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
SQL injection vulnerability in the Address visualization with Google Maps (st_address_map) extension before 0.3.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69564 http://typo3.org/extensions/repository/view/st_address_map
Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB Folderdownload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69570...
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69567 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links. Date published : 2014-09-11 http://www.securityfocus.com/bid/69569 http://typo3.org/extensions/repository/view/lumophpinclude
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69563 http://typo3.org/extensions/repository/view/ke_dompdf
Cross-site scripting (XSS) vulnerability in the Open Graph protocol (jh_opengraphprotocol) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69566 http://typo3.org/extensions/repository/view/jh_opengraphprotocol
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69561 http://typo3.org/extensions/repository/view/flatmgr
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69565 http://typo3.org/extensions/repository/view/eu_ldap
Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. Date published : 2014-09-11 http://www.securityfocus.com/bid/69562 http://typo3.org/extensions/repository/view/cwt_feedit
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php. Date published : 2014-09-11 LogAnalyzer...
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the database via a direct...
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Date published...
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Date...