MidnightBSD

Advisories for joachim_ruhs

CVE-2009-4802 HIGH

SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joachim_ruhs flat_manager 1.9.2
joachim_ruhs flat_manager 1.8.8
joachim_ruhs flat_manager *
joachim_ruhs flat_manager 1.6.2
joachim_ruhs flat_manager 1.9.10
joachim_ruhs flat_manager 1.5.0
joachim_ruhs flat_manager 1.9.8
joachim_ruhs flat_manager 1.8.6
joachim_ruhs flat_manager 1.8.9
joachim_ruhs flat_manager 1.9.0
joachim_ruhs flat_manager 1.9.1
joachim_ruhs flat_manager 1.9.3
joachim_ruhs flat_manager 1.7.2
joachim_ruhs flat_manager 1.9.7
joachim_ruhs flat_manager 1.7.1
joachim_ruhs flat_manager 1.9.14
joachim_ruhs flat_manager 1.9.12
joachim_ruhs flat_manager 1.7.0
joachim_ruhs flat_manager 1.9.4
joachim_ruhs flat_manager 1.4.0
joachim_ruhs flat_manager 1.6.0
joachim_ruhs flat_manager 1.9.9
joachim_ruhs flat_manager 1.8.0
CVE-2009-4948 MEDIUM

Cross-site scripting (XSS) vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joachim_ruhs locator 1.1.0
joachim_ruhs locator 1.0.7
joachim_ruhs locator *
joachim_ruhs locator 1.0.6
joachim_ruhs locator 1.1.8
CVE-2009-4949 HIGH

SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joachim_ruhs locator 1.1.0
joachim_ruhs locator 1.0.7
joachim_ruhs locator *
joachim_ruhs locator 1.0.6
joachim_ruhs locator 1.1.8
CVE-2010-4950 HIGH

SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joachim_ruhs event 0.2.2
joachim_ruhs event 0.2.5
joachim_ruhs event *
joachim_ruhs event 0.2.7
joachim_ruhs event 0.2.4
CVE-2010-4952 HIGH

SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joachim_ruhs festat *
joachim_ruhs festat 0.1.6
joachim_ruhs festat 0.1.8
joachim_ruhs festat 0.1.9
CVE-2013-5303 HIGH

Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
joachim_ruhs locator 1.1.0
joachim_ruhs locator 1.2.6
joachim_ruhs locator 1.0.7
joachim_ruhs locator 1.2.8
joachim_ruhs locator 2.9.0
joachim_ruhs locator *
joachim_ruhs locator 1.0.6
joachim_ruhs locator 1.1.8
CVE-2013-5304 HIGH

SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
joachim_ruhs locator 1.1.0
joachim_ruhs locator 1.2.6
joachim_ruhs locator 1.0.7
joachim_ruhs locator 1.2.8
joachim_ruhs locator 2.9.0
joachim_ruhs locator *
joachim_ruhs locator 1.0.6
joachim_ruhs locator 1.1.8
CVE-2013-5305 MEDIUM

Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joachim_ruhs locator 1.1.0
joachim_ruhs locator 1.2.6
joachim_ruhs locator 1.0.7
joachim_ruhs locator 1.2.8
joachim_ruhs locator 2.9.0
joachim_ruhs locator *
joachim_ruhs locator 1.0.6
joachim_ruhs locator 1.1.8