Lucene search
+L

136 matches found

ptsecurity
ptsecurity
added 2022/12/14 12:0 a.m.7 views

PT-2022-28062 · Typo3 · Fp Newsletter

Name of the Vulnerable Software and Affected Versions: fp newsletter extension versions 1.0 through 1.1.0 fp newsletter extension version 1.2.0 fp newsletter extension versions 2.0 through 2.1.1 fp newsletter extension versions 2.2.1 through 2.4.0 fp newsletter extension versions 3.0 through 3.2....

9.1CVSS7.4AI score0.00674EPSS
Exploits0References7
cnnvd
cnnvd
added 2022/12/14 12:0 a.m.3 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that data about its subscribers can be obtained via the createAction operation...

9.1CVSS7.3AI score0.00674EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2022/12/14 12:0 a.m.7 views

PT-2022-28061 · Typo3 · Fp Newsletter

Name of the Vulnerable Software and Affected Versions: fp newsletter extension versions prior to 1.1.1 fp newsletter extension version 1.2.0 fp newsletter extension versions 2.x prior to 2.1.2 fp newsletter extension versions 2.2.1 through 2.4.0 fp newsletter extension versions 3.x prior to 3.2.6...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References8
cve
cve
added 2022/12/14 12:0 a.m.54 views

CVE-2022-47411

The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
cve
cve
added 2022/12/14 12:0 a.m.59 views

CVE-2022-47410

The CVE-2022-47410 entry affects the TYPO3 fp_newsletter (Newsletter subscriber management) extension. The reported issue is that data about subscribers may be obtained via createAction operations, with vulnerable versions including before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1–2.4.0, and 3.x befo...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
malwarebytes
malwarebytes
added 2022/03/11 8:50 p.m.31 views

HBO sued for sharing subscriber data with Facebook

HBO Max subscribers Angel McDaniel and Constance Simon filed a class-action lawsuit against HBO on Tuesday, alleging that the company has violated their privacy by sharing subscriber viewing data with Facebook. Bursor & Fisher filed the case on behalf of McDaniel and Simon. According to case...

0.9AI score
Exploits0
hackread
hackread
added 2021/10/06 6:47 p.m.28 views

The Telegraph newspaper exposed 10TB of subscriber data

By Deeba Ahmed The data was exposed due to an unprotected Elasticsearch cluster and remained open to public access without any security authentication. This is a post from HackRead.com Read the original post: The Telegraph newspaper exposed 10TB of subscriber data...

1.2AI score
Exploits0
veracode
veracode
added 2021/07/28 5:1 a.m.27 views

Information Disclosure

directmailteam/direct-mail is vulnerable to information disclosure. The extension fails to check if an authenticated backend user has access to pages with newsletter subscriber data when using the "Special query" feature...

4.3CVSS2.6AI score0.00778EPSS
Exploits0References3Affected Software1
osv
osv
added 2021/07/26 9:34 p.m.26 views

GHSA-QWMJ-72MP-Q3M2 Missing Authorization in TYPO3 extension

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.3CVSS4.6AI score0.00778EPSS
Exploits0References3
cnvd
cnvd
added 2020/05/14 12:0 a.m.6 views

TYPO3 Direct Mail Component Information Disclosure Vulnerability (CNVD-2020-28942)

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A security vulnerability exists in the Direct Mail component of TYPO3 5.2.3 and prior versions, which originates from the program's inability to check whether an authenticated back-end user...

4.3CVSS6.5AI score0.00778EPSS
Exploits0References1
osv
osv
added 2020/05/13 1:15 p.m.7 views

CVE-2020-12700

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.3CVSS5.9AI score0.00778EPSS
Exploits0References2
nvd
nvd
added 2020/05/13 1:15 p.m.26 views

CVE-2020-12700

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.3CVSS4.5AI score0.00778EPSS
Exploits0References2
prion
prion
added 2020/05/13 1:15 p.m.23 views

Information disclosure

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4CVSS4.4AI score0.00778EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/05/13 12:43 p.m.21 views

CVE-2020-12700

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.4AI score0.00778EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2019/02/21 12:0 a.m.5 views

The vulnerability in the web interface of the Graphite software for managing policies, billing, and managing subscriber data in the Cisco Policy Suite for Mobile allows a perpetrator to gain access to protected data.

The vulnerability in the web interface of the Graphite software for managing policies, billing, and managing subscriber data in the Cisco Policy Suite for Mobile is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to protected...

4.3CVSS5.7AI score0.01933EPSS
Exploits0References3Affected Software1
threatpost
threatpost
added 2014/03/10 10:31 a.m.13 views

Microsoft Disclosed User Content in 10% of U.S. Law Enforcement Requests

Microsoft supplied user content in response to 10.8 percent of the law enforcement requests it received from United States agencies in the second half of 2013. The company got more than 5,600 requests from U.S. agencies in the last six months of the year, and in the vast majority of those–68...

0.7AI score
Exploits0References3
Rows per page
Query Builder