127 matches found
Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion
A directory traversal vulnerability in the givesight PowerMail Pro compowermail component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1532 info: name: Joomla!...
CVE-2010-0329
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."...
EUVD-2008-2179
Malware in sbrugna...
EUVD-2014-3881
Malware in sbrugna...
EUVD-2012-5763
Malware in sbrugna...
EUVD-2010-3600
Malware in sbrugna...
EUVD-2010-3671
Malware in sbrugna...
EUVD-2010-1559
Malware in sbrugna...
EUVD-2010-0360
Malware in sbrugna...
EUVD-2010-4856
Malware in sbrugna...
EUVD-2010-3601
Malware in sbrugna...
EUVD-2024-2850
Malicious code in bioql PyPI...
EUVD-2025-22306
Malicious code in bioql PyPI...
CVE-2025-7899
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the downloadFile function in the ModuleController.php file, which fails to validate the query parameter file. An authenticated attacker with access to the backend module can access...
GHSA-X769-3CWV-F8HC Powermail extension for TYPO3 allows Insecure Direct Object Reference
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...
Powermail extension for TYPO3 allows Insecure Direct Object Reference
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...
CVE-2025-7899
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...
CVE-2025-7899 Insecure Direct Object Reference in extension "powermail" (powermail)
The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...
CVE-2025-7899
CVE-2025-7899 concerns the powermail extension for TYPO3, where an Insecure Direct Object Reference (IDOR) could allow downloading arbitrary files from the webserver. Affected versions are powermail 12.0.0 through 12.5.2 and 13.0.0. The underlying issue is an IDOR vulnerability in the module that...