CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2021/07/26 9:34 p.m.•19 views

GHSA-QWMJ-72MP-Q3M2 Missing Authorization in TYPO3 extension

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.3CVSS4.6AI score0.00778EPSS

OSV•added 2021/07/26 9:34 p.m.•20 views

GHSA-9PM8-XCJ6-2M33 Missing Authorization in TYPO3 extension

The directmail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables...

4.3CVSS4.8AI score0.00778EPSS

Github Security Blog•added 2021/07/26 9:34 p.m.•69 views

Missing Authorization in TYPO3 extension

The directmail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables...

4.3CVSS3.4AI score0.00778EPSS

Github Security Blog•added 2021/05/24 4:58 p.m.•52 views

Open redirect in direct_mail

The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...

6.1CVSS2.6AI score0.00781EPSS

OSV•added 2021/05/24 4:58 p.m.•22 views

GHSA-952M-M83C-3XM6 Open redirect in direct_mail

The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...

6.1CVSS6.3AI score0.00781EPSS

OSV•added 2021/05/24 4:58 p.m.•27 views

GHSA-5GM6-R79Q-HFGW Denial of service in direct_mail

The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...

5.3CVSS5.4AI score0.01279EPSS

Github Security Blog•added 2021/05/24 4:58 p.m.•46 views

Denial of service in direct_mail

The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...

5.3CVSS3.6AI score0.01279EPSS

NVD•added 2020/05/13 1:15 p.m.•11 views

CVE-2020-12699

The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...

6.1CVSS6.3AI score0.00781EPSS

NVD•added 2020/05/13 1:15 p.m.•15 views

CVE-2020-12700

The directmail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query...

4.3CVSS4.5AI score0.00778EPSS

NVD•added 2020/05/13 1:15 p.m.•21 views

CVE-2020-12697

The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...

5.3CVSS5.3AI score0.01279EPSS

NVD•added 2020/05/13 1:15 p.m.•19 views

CVE-2020-12698

The directmail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables...

4.3CVSS4.7AI score0.00778EPSS

Prion•added 2020/05/13 1:15 p.m.•17 views

Open redirect

The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...

5.8CVSS6.3AI score0.00781EPSS

Prion•added 2020/05/13 1:15 p.m.•23 views

Improper access control

The directmail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables...

4CVSS4.7AI score0.00778EPSS

Prion•added 2020/05/13 1:15 p.m.•17 views

Design/Logic Flaw

The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...

5CVSS5.3AI score0.01279EPSS

CVE•added 2020/05/13 12:43 p.m.•62 views

CVE-2020-12700

The CVE-2020-12700 issue affects TYPO3's Direct Mail extension (direct_mail), version up to 5.2.3. The root cause is a missing access check for an authenticated backend user when using the Special Query feature, which enables Information Disclosure of newsletter subscriber data. Documented impact...

4.3CVSS4.6AI score0.00778EPSS