| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-6292 | 6.4 |
The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.
|
03-02-2022 - 19:31 | 03-10-2014 - 14:55 | |
| CVE-2014-6291 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Alphabetic Sitemap (alpha_sitemap) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 03-10-2014 - 14:55 | |
| CVE-2014-6294 | 4.3 |
Cross-site scripting (XSS) vulnerability in the External links click statistics (outstats) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
06-10-2014 - 17:46 | 03-10-2014 - 14:55 | |
| CVE-2014-6296 | 4.3 |
Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
06-10-2014 - 17:46 | 03-10-2014 - 14:55 | |
| CVE-2014-6295 | 7.5 |
SQL injection vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
06-10-2014 - 17:46 | 03-10-2014 - 14:55 | |
| CVE-2014-6293 | 7.5 |
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014.
|
06-10-2014 - 17:39 | 03-10-2014 - 14:55 |