Lucene search
K

65 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:45 a.m.11 views

CVE-2010-0329

SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."...

7.5CVSS8.8AI score0.01063EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3671

Malware in sbrugna...

5CVSS6.4AI score0.01233EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-3600

Malware in sbrugna...

7.5CVSS6.4AI score0.01072EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-2179

Malware in sbrugna...

4.3CVSS6.4AI score0.01286EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-5763

Malware in sbrugna...

4.3CVSS6.4AI score0.00931EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-3881

Malware in sbrugna...

4.3CVSS6.4AI score0.01161EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2010-4856

Malware in sbrugna...

4.3CVSS6.4AI score0.01042EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0360

Malware in sbrugna...

7.5CVSS6.4AI score0.01063EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-2850

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00485EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-22306

Malicious code in bioql PyPI...

6CVSS6.3AI score0.00275EPSS
Exploits0References3
CVE
CVE
added 2025/07/22 10:18 a.m.14 views

CVE-2025-7899

CVE-2025-7899 concerns the powermail extension for TYPO3, where an Insecure Direct Object Reference (IDOR) could allow downloading arbitrary files from the webserver. Affected versions are powermail 12.0.0 through 12.5.2 and 13.0.0. The underlying issue is an IDOR vulnerability in the module that...

6CVSS6.5AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/22 10:18 a.m.4 views

CVE-2025-7899 Insecure Direct Object Reference in extension "powermail" (powermail)

The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...

6CVSS6.5AI score0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/22 10:18 a.m.10 views

CVE-2025-7899 Insecure Direct Object Reference in extension "powermail" (powermail)

The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0...

6CVSS0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:28 a.m.7 views

CVE-2024-45233

An issue was discovered in powermail extension through 12.3.5 for TYPO3. Several actions in the OutputController can directly be called, due to missing or insufficiently implemented access checks, resulting in Broken Access Control. Depending on the configuration of the Powermail Frontend plugins...

9.8CVSS6.9AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:28 a.m.6 views

CVE-2024-45232

An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference IDOR. An unauthenticated attacker can use this to display the user-submitted data of all forms persisted by the...

7.3CVSS6.9AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:43 a.m.8 views

CVE-2024-47047

An issue was discovered in the powermail extension through 12.4.0 for TYPO3. It fails to validate the mail parameter of the createAction, resulting in Insecure Direct Object Reference IDOR in some configurations. An unauthenticated attacker can use this to display user-submitted data of all forms...

7.5CVSS6.9AI score0.00485EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:29 a.m.5 views

CVE-2010-3604

SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.7AI score0.01072EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:52 a.m.5 views

CVE-2010-3605

Cross-site scripting XSS vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:31 a.m.6 views

CVE-2010-4892

Cross-site scripting XSS vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01042EPSS
Exploits0References1
NVD
NVD
added 2024/09/17 2:15 p.m.17 views

CVE-2024-47047

An issue was discovered in the powermail extension through 12.4.0 for TYPO3. It fails to validate the mail parameter of the createAction, resulting in Insecure Direct Object Reference IDOR in some configurations. An unauthenticated attacker can use this to display user-submitted data of all forms...

7.5CVSS0.00485EPSS
Exploits0References1
Rows per page
Query Builder