Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50172

Malicious code in bioql PyPI...

9.1CVSS7.5AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:9 a.m.6 views

CVE-2022-47408

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...

9.1CVSS6.7AI score0.00651EPSS
Exploits0
OSV
OSV
added 2022/12/14 9:30 p.m.12 views

GHSA-R44W-PFX8-28JV "Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...

7.5CVSS9.2AI score0.00674EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/12/14 9:30 p.m.16 views

"Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...

9.1CVSS6.7AI score0.00674EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/12/14 9:15 p.m.28 views

CVE-2022-47408

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...

9.1CVSS0.00651EPSS
Exploits0References1
NVD
NVD
added 2022/12/14 9:15 p.m.26 views

CVE-2022-47411

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...

9.1CVSS0.00674EPSS
Exploits0References1
Prion
Prion
added 2022/12/14 9:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...

6.4CVSS9.1AI score0.00651EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/12/14 9:15 p.m.17 views

Design/Logic Flaw

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...

5CVSS7.5AI score0.006EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/12/14 9:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

5CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/12/14 12:0 a.m.15 views

CVE-2022-47409

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...

9.1CVSS6.8AI score0.006EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/14 12:0 a.m.7 views

CVE-2022-47408

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...

9.1CVSS9.2AI score0.00651EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.27 views

CVE-2022-47408

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people...

9.1CVSS9.4AI score0.00651EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.4 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that an attacker can unsubscribe everyone via a series of modified subscription uids in a deleteAction...

9.1CVSS7.3AI score0.006EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.26 views

CVE-2022-47409

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...

9.1CVSS9.4AI score0.006EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.37 views

CVE-2022-47410

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations...

9.1CVSS9.4AI score0.00674EPSS
Exploits0References1
CVE
CVE
added 2022/12/14 12:0 a.m.47 views

CVE-2022-47409

CVE-2022-47409 affects the TYPO3 fp_newsletter extension. The issue arises in the deleteAction, where attackers can unsubscribe everyone by manipulating series of subscription UIDs. Affected versions include: pre-1.1.1; 1.2.0; 2.x before 2.1.2; 2.2.1 through 2.4.0; and 3.x before 3.2.6. Impact is...

9.1CVSS7.5AI score0.006EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.5 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpnewsletter, which stems from the fact that its subscriber's data can be obtained via an unsubscribeAction operation...

9.1CVSS7.3AI score0.00674EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.31 views

CVE-2022-47411

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations...

9.1CVSS9.4AI score0.00674EPSS
Exploits0References1
CVE
CVE
added 2022/12/14 12:0 a.m.54 views

CVE-2022-47411

The CVE-2022-47411 flaw affects the TYPO3 fp_newsletter extension and allows exposure of subscriber data via unsubscribeAction. Affected versions include 1.0–1.1.0, 1.2.0, 2.0–2.1.1, 2.2.1–2.4.0, and 3.0–3.2.5. Remediation paths per PT-Security: upgrade to 1.1.1 (or later) for 1.x; to 2.1.2 (or l...

9.1CVSS7.5AI score0.00674EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/14 12:0 a.m.70 views

CVE-2022-47408

CVE-2022-47408 – TYPO3 fp_newsletter CAPTCHA bypass is documented across multiple sources. The vulnerability affects the fp_newsletter (Newsletter subscriber management) extension for TYPO3, with affected versions ranging from 1.0 through 1.1.0, 1.2.0, 2.0 through 2.1.1, 2.2.1 through 2.4.0, and ...

9.1CVSS9.1AI score0.00651EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder