EUVD-2008-6428

Malware in sbrugna...

Missing Access Check in extension "Register to tt_address" (registeraddress)

Due to a missing access check, it is possible to delete certain ttaddress records...

CVE-2008-6458

SQL injection vulnerability in the FE address edit for ttaddress & direct mail dmaddredit extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...