2 matches found
CVE-2010-4960
The CVE-2010-4960 entry concerns an XSS vulnerability in the TYPO3 extension mh_branchenbuch, affecting versions prior to 0.9.1. Remote attackers can inject arbitrary script/HTML via unspecified vectors. Root cause details are not fully disclosed in the provided documents, but the fix is to upgra...
CVE-2008-3054
CVE-2008-3054 describes an SQL injection vulnerability in the Branchenbuch (Yellow Pages) extension mh_branchenbuch for TYPO3 , versions 0.8.1 and earlier. The flaw allows remote attackers to execute arbitrary SQL commands via unspecified vectors. The connected documents confirm the affected prod...