in2code/powermail Security Advisories (9)
-
[MEDIUM] Powermail extension for TYPO3 allows Insecure Direct Object Reference
PKSA-6dn8-jtbj-nzf7 CVE-2025-7899 GHSA-x769-3cwv-f8hc
Affected version: =13.0.0|>=12.0.0,<12.5.3
Reported by:
GitHub -
[MEDIUM] TYPO3-EXT-SA-2024-007: Insecure Direct Object Reference in extension "powermail" (powermail)
PKSA-smk7-6q9f-1yz5 CVE-2024-47047 GHSA-q25c-r482-77p9
Affected version: >=12.0.0,<12.4.1|>=9.0.0,<10.9.1|>=8.0.0,<8.5.1|<7.5.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Powermail TYPO3 extension Broken Access Control in the OutputController
PKSA-skk3-z6j6-54hc CVE-2024-45233 GHSA-9jqr-5x45-pgw8
Affected version: >=11.0.0,<12.4.0|>=9.0.0,<10.9.0|>=8.0.0,<8.5.0|<7.5.0
Reported by:
GitHub -
[MEDIUM] TYPO3-EXT-SA-2024-006: Multiple vulnerabilities in "powermail" (powermail)
PKSA-x55d-gf1k-6pmy CVE-2024-45232 GHSA-p652-xcgx-f85m
Affected version: >=12.0.0,<12.4.0|>=9.0.0,<10.9.0|>=8.0.0,<8.5.0|<7.5.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] powermail extension for TYPO3 vulnerable to SQL Injection
PKSA-d48r-jmr8-r3cv CVE-2010-3604 GHSA-rp53-fw29-rxg3
Affected version: <1.5.4
Reported by:
GitHub -
[HIGH] TYPO3 powermail extension has unrestricted file upload vulnerability
PKSA-dw57-tw61-gj7v CVE-2014-3947 GHSA-m278-c6gg-4jrr
Affected version: >=2.0.0,<2.0.14|<1.6.11
Reported by:
GitHub -
[MEDIUM] TYPO3 powermail extension allows remote attackers to bypass CAPTCHA protection mechanism
PKSA-vb9w-1jvr-wdch CVE-2014-6288 GHSA-2jq7-pgqq-gqqj
Affected version: >=2.0.0,<2.0.11
Reported by:
GitHub -
[LOW] powermail extension for TYPO3 has Cross-site Scripting vulnerability
PKSA-qnb2-ks9m-9qjd CVE-2012-5889 GHSA-8cg3-jfjx-3pp2
Affected version: <1.6.5
Reported by:
GitHub -
[HIGH] TYPO3 powermail Extension Vulnerable to SQL Injection via Unspecified Vectors
PKSA-98jj-k7mp-3wm2 CVE-2010-0329 GHSA-mgw4-gv3f-g57j
Affected version: <1.5.2
Reported by:
GitHub