Fr.simon RundellCVEs & Vulnerabilities

13 CVEs affecting Fr.simon Rundell products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

pd diocesedatabase 5ste prayer2 5hs religiousartgallery 2pd resources 2ste parish admin 2pd churchsearch 1ste prayer 1pd trainingcourses 1
CVE-2010-1013HIGH

SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

19 Mar 2010
7.5
CVSS
CVE-2009-4401HIGH

SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

23 Dec 2009
7.5
CVSS
CVE-2009-4400MEDIUM

Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

23 Dec 2009
4.3
CVSS
CVE-2009-4399HIGH

SQL injection vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

23 Dec 2009
7.5
CVSS
CVE-2009-4398MEDIUM

Cross-site scripting (XSS) vulnerability in the Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery) extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

23 Dec 2009
4.3
CVSS
CVE-2009-4397MEDIUM

Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

23 Dec 2009
4.3
CVSS
CVE-2009-4396HIGH

SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

23 Dec 2009
7.5
CVSS
CVE-2009-4395MEDIUM

Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

23 Dec 2009
4.3
CVSS
CVE-2009-4394HIGH

SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

23 Dec 2009
7.5
CVSS
CVE-2008-6694HIGH

SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

11 Apr 2009
7.5
CVSS
CVE-2008-6692HIGH

SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

11 Apr 2009
7.5
CVSS
CVE-2008-6463HIGH

SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

13 Mar 2009
7.5
CVSS
CVE-2008-6461HIGH

SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

13 Mar 2009
7.5
CVSS
← PrevPage 1 / 1Next →