Typo3 Commerce Extension — known CVE vulnerabilities
Every CVE whose affected-product data names Typo3 Commerce Extension, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2008-5609 — CVSS 7.5 (high): SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands…
CVE-2009-4963 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject…