12 matches found
CVE-2009-4159
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
EUVD-2009-4129
Malware in sbrugna...
EUVD-2022-4262
Malicious code in bioql PyPI...
CVE-2020-12697
The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...
CVE-2020-12700
The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...
CVE-2020-12698
The directmail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables...
PT-2020-13211
Name of the Vulnerable Software and Affected Versions: direct mail extension for TYPO3 versions through 5.2.3 Description: The issue allows for Denial of Service via log entries. Recommendations: For versions through 5.2.3, update to a version later than 5.2.3 to resolve the issue...
TYPO3 Direct Mail Extension CVE-2019-16698 Information Disclosure Vulnerability
Description Direct Mail Extension for TYPO3 is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. dkd Direct Mail Extension versions prior to 5.2.3 are vulnerable. Technologies Affected dkd...
Authentication flaw
The Direct Mail directmail extension before 3.1.2 for TYPO3 allows remote attackers to obtain sensitive information by leveraging improper checking of authentication codes...
CVE-2009-4159
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4159
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...