Skip to main content

Powermail

7 CVEs product

Monthly

CVE-2024-47047 PHP HIGH PATCH This Week

An issue was discovered in the powermail extension through 12.4.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-45233 PHP CRITICAL PATCH Act Now

An issue was discovered in powermail extension through 12.3.5 for TYPO3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-45232 PHP MEDIUM PATCH This Month

An issue was discovered in powermail extension through 12.3.5 for TYPO3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2014-6288 PHP HIGH PATCH This Week

The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Powermail
NVD
CVSS 2.0
7.5
EPSS
0.1%
CVE-2014-3947 PHP HIGH PATCH This Week

Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection File Upload Powermail
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2014-3948 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Powermail
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5889 PHP MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Powermail
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the powermail extension through 12.4.0 for TYPO3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in powermail extension through 12.3.5 for TYPO3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

An issue was discovered in powermail extension through 12.3.5 for TYPO3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Powermail
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Powermail
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection File Upload +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Powermail
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Powermail
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy