Vulnerability-Lookup - Search a vulnerability

CVE-2010-4892 (GCVE-0-2010-4892)

Vulnerability from cvelistv5

Published

2011-10-07 10:00

Modified

2024-09-16 19:56

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.5	x_refsource_CONFIRM
	http://secunia.com/advisories/41962	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:02:30.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.5"
          },
          {
            "name": "41962",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41962"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-07T10:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.5"
        },
        {
          "name": "41962",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41962"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4892",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.5",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.5"
            },
            {
              "name": "41962",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41962"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4892",
    "datePublished": "2011-10-07T10:00:00Z",
    "dateReserved": "2011-10-07T00:00:00Z",
    "dateUpdated": "2024-09-16T19:56:19.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2012-5889 (GCVE-0-2012-5889)

Vulnerability from cvelistv5

Published

2012-11-17 21:00

Modified

2024-08-06 21:21

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/74461	vdb-entry, x_refsource_XF

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:21:27.834Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/"
          },
          {
            "name": "typo3-powermail-unspecified-xss(74461)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74461"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/"
        },
        {
          "name": "typo3-powermail-unspecified-xss(74461)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74461"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-5889",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/",
              "refsource": "MISC",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/"
            },
            {
              "name": "typo3-powermail-unspecified-xss(74461)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74461"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-5889",
    "datePublished": "2012-11-17T21:00:00",
    "dateReserved": "2012-11-17T00:00:00",
    "dateUpdated": "2024-08-06T21:21:27.834Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3947 (GCVE-0-2014-3947)

Vulnerability from cvelistv5

Published

2014-10-03 14:00

Modified

2024-08-06 10:57

Severity ?

CWE

n/a

Summary

Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:18.097Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-07T11:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3947",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3947",
    "datePublished": "2014-10-03T14:00:00",
    "dateReserved": "2014-06-03T00:00:00",
    "dateUpdated": "2024-08-06T10:57:18.097Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3948 (GCVE-0-2014-3948)

Vulnerability from cvelistv5

Published

2014-06-04 14:00

Modified

2024-08-06 10:57

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/extensions/repository/view/powermail	x_refsource_CONFIRM
	http://secunia.com/advisories/58909	third-party-advisory, x_refsource_SECUNIA
	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2014/06/03/3	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:17.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail"
          },
          {
            "name": "58909",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58909"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007"
          },
          {
            "name": "[oss-security] 20140603 Re: CVE ID request: typo3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/06/03/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-06-04T12:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail"
        },
        {
          "name": "58909",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58909"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007"
        },
        {
          "name": "[oss-security] 20140603 Re: CVE ID request: typo3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/06/03/3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3948",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/extensions/repository/view/powermail",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail"
            },
            {
              "name": "58909",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58909"
            },
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007",
              "refsource": "MISC",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007"
            },
            {
              "name": "[oss-security] 20140603 Re: CVE ID request: typo3",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/06/03/3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3948",
    "datePublished": "2014-06-04T14:00:00",
    "dateReserved": "2014-06-03T00:00:00",
    "dateUpdated": "2024-08-06T10:57:17.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3604 (GCVE-0-2010-3604)

Vulnerability from cvelistv5

Published

2010-09-24 19:44

Modified

2024-09-16 22:36

Severity ?

CWE

n/a

Summary

SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.4/	x_refsource_CONFIRM
	http://secunia.com/advisories/41530	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4/"
          },
          {
            "name": "41530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41530"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-09-24T19:44:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4/"
        },
        {
          "name": "41530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41530"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3604",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.4/",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4/"
            },
            {
              "name": "41530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41530"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3604",
    "datePublished": "2010-09-24T19:44:00Z",
    "dateReserved": "2010-09-24T00:00:00Z",
    "dateUpdated": "2024-09-16T22:36:42.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-6288 (GCVE-0-2014-6288)

Vulnerability from cvelistv5

Published

2014-10-03 14:00

Modified

2024-08-06 12:10

Severity ?

CWE

n/a

Summary

The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/extensions/repository/view/powermail	x_refsource_CONFIRM
	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-07T11:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6288",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/extensions/repository/view/powermail",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail"
            },
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/",
              "refsource": "MISC",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6288",
    "datePublished": "2014-10-03T14:00:00",
    "dateReserved": "2014-09-11T00:00:00",
    "dateUpdated": "2024-08-06T12:10:13.392Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-0329 (GCVE-0-2010-0329)

Vulnerability from cvelistv5

Published

2010-01-15 19:00

Modified

2024-09-16 22:03

Severity ?

CWE

n/a

Summary

SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."

References

►

URL

Tags

	http://secunia.com/advisories/38167	third-party-advisory, x_refsource_SECUNIA
	http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.2/	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.123Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38167"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the \"SQL selection field\" and \"typoscript.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-01-15T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38167"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the \"SQL selection field\" and \"typoscript.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38167"
            },
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.2/",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0329",
    "datePublished": "2010-01-15T19:00:00Z",
    "dateReserved": "2010-01-15T00:00:00Z",
    "dateUpdated": "2024-09-16T22:03:28.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3605 (GCVE-0-2010-3605)

Vulnerability from cvelistv5

Published

2010-09-24 19:44

Modified

2024-09-17 00:17

Severity ?

CWE

n/a

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.4	x_refsource_CONFIRM
	http://secunia.com/advisories/41530	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
          },
          {
            "name": "41530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41530"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-09-24T19:44:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
        },
        {
          "name": "41530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41530"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3605",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.4",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
            },
            {
              "name": "41530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41530"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3605",
    "datePublished": "2010-09-24T19:44:00Z",
    "dateReserved": "2010-09-24T00:00:00Z",
    "dateUpdated": "2024-09-17T00:17:31.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3687 (GCVE-0-2010-3687)

Vulnerability from cvelistv5

Published

2010-09-29 16:00

Modified

2024-09-17 04:09

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by "[injecting] arbitrary values into validated fields," as demonstrated using the (1) Email and (2) URL fields.

References

►

URL

Tags

	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	x_refsource_CONFIRM
	http://typo3.org/extensions/repository/view/powermail/1.5.4	x_refsource_CONFIRM
	http://secunia.com/advisories/41530	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.036Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
          },
          {
            "name": "41530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41530"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by \"[injecting] arbitrary values into validated fields,\" as demonstrated using the (1) Email and (2) URL fields."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-09-29T16:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
        },
        {
          "name": "41530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41530"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3687",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by \"[injecting] arbitrary values into validated fields,\" as demonstrated using the (1) Email and (2) URL fields."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
            },
            {
              "name": "http://typo3.org/extensions/repository/view/powermail/1.5.4",
              "refsource": "CONFIRM",
              "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
            },
            {
              "name": "41530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41530"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3687",
    "datePublished": "2010-09-29T16:00:00Z",
    "dateReserved": "2010-09-29T00:00:00Z",
    "dateUpdated": "2024-09-17T04:09:31.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2010-09-24 21:00

Modified

2025-04-11 00:51

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/41530
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.4
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41530
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.4
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
alex_kellner	powermail	1.5.1
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6EC67D0-8B43-4664-88F6-DD4309560D61",
              "versionEndIncluding": "1.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECCDE1E-F3B4-4CD5-8C47-C29BC6C19686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la extensi\u00f3n powermail v1.5.3 y versiones anteriores para TYPO3 permite a usuarios remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s de vectores de ataque sin especificar."
    }
  ],
  "id": "CVE-2010-3605",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-09-24T21:00:33.683",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-10-07 10:55

Modified

2025-04-11 00:51

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/41962	Vendor Advisory
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.5
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41962	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.5
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021	Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
alex_kellner	powermail	1.5.1
alex_kellner	powermail	1.5.2
alex_kellner	powermail	1.5.3
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49C993DB-A2D1-4332-A874-DC0703C70D60",
              "versionEndIncluding": "1.5.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECCDE1E-F3B4-4CD5-8C47-C29BC6C19686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA8312C-C13F-46E1-B63A-C19DF654AAD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7B1C99-CEA5-4128-B29B-AF8D71B492A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la extensi\u00f3n powermail antes de v1.5.5 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2010-4892",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-07T10:55:09.940",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-09-29 17:00

Modified

2025-04-11 00:51

Severity ?

Summary

Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by "[injecting] arbitrary values into validated fields," as demonstrated using the (1) Email and (2) URL fields.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/41530	Vendor Advisory
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.4
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41530	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.4
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
alex_kellner	powermail	1.5.1
alex_kellner	powermail	1.5.2
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36CA7CCA-3C43-4672-8F93-31D3150B0022",
              "versionEndIncluding": "1.5.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECCDE1E-F3B4-4CD5-8C47-C29BC6C19686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA8312C-C13F-46E1-B63A-C19DF654AAD2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by \"[injecting] arbitrary values into validated fields,\" as demonstrated using the (1) Email and (2) URL fields."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la extensi\u00f3n powermail v1.5.3 y anteriores para TYPO3 permite a atacantes remotos evitar la validaci\u00f3n y tener un impacto no especificado mediante \"[inyecci\u00f3n] valores arbitrarios en los campos de validaci\u00f3n\", como se ha demostrado mediante la utilizaci\u00f3n de los campos (1) Email y (2) URL."
    }
  ],
  "id": "CVE-2010-3687",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-09-29T17:00:05.993",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-09-24 21:00

Modified

2025-04-11 00:51

Severity ?

Summary

SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/41530	Vendor Advisory
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.4/	Patch
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41530	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.4/	Patch
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
alex_kellner	powermail	1.5.1
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6EC67D0-8B43-4664-88F6-DD4309560D61",
              "versionEndIncluding": "1.5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECCDE1E-F3B4-4CD5-8C47-C29BC6C19686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL en la extensi\u00f3n powermail v1.5.3 y versiones anteriores para TYPO3 permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de vectores de ataque sin especificar."
    }
  ],
  "id": "CVE-2010-3604",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-09-24T21:00:33.230",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.4/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-10-03 14:55

Modified

2025-04-12 10:46

Severity ?

Summary

Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors.

References

▶	URL	Tags
	cve@mitre.org	http://typo3.org/extensions/repository/view/powermail
	cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/
	af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail
	af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	2.0.0
alex_kellner	powermail	2.0.1
alex_kellner	powermail	2.0.2
alex_kellner	powermail	2.0.3
alex_kellner	powermail	2.0.4
alex_kellner	powermail	2.0.5
alex_kellner	powermail	2.0.6
alex_kellner	powermail	2.0.7
alex_kellner	powermail	2.0.8
alex_kellner	powermail	2.0.9
alex_kellner	powermail	2.0.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "6836C7CF-A243-4A3B-909F-87682ADCF6A0",
              "versionEndIncluding": "1.6.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.0:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "852C029A-368F-4842-B476-D4D0FF28984E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.1:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "A263A4C5-8DFC-4E27-9933-F91E4E2975DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.2:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "808FBA6A-46FB-4D03-97E4-CDD0FF7E9D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.3:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "B5EE43D3-2ECC-42E4-BE59-B45EFB7A2012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.4:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "99FBC6DE-94B0-4519-8037-850B925EC275",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.5:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "5F362ED4-18ED-4694-A7DB-EE1C681211C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.6:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "8B1C1B4D-687A-49D9-8FF5-4C478D6E6582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.7:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "6C6DF662-67CD-47E1-98B2-1485A59431DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.8:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "3D9ABB8B-B020-4EE7-ABA1-1931FB206405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.9:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "1700A775-8FCF-4FA3-96E6-6464ED0332A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.10:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "82F57D30-B6FF-4A8D-94EE-E6355B9E12B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de la subida de ficheros sin restricciones en la extensi\u00f3n powermail anterior a 1.6.11 y 2.x anterior a 2.0.14 para TYPO3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la subida de un fichero con una extensi\u00f3n manipulada y posteriormente el acceso a ello a trav\u00e9s de vectores no especificados."
    }
  ],
  "evaluatorComment": "Vendor advisory - http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/",
  "id": "CVE-2014-3947",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-03T14:55:08.757",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-10-03 14:55

Modified

2025-04-12 10:46

Severity ?

Summary

The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/	Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	2.0.0
alex_kellner	powermail	2.0.1
alex_kellner	powermail	2.0.2
alex_kellner	powermail	2.0.3
alex_kellner	powermail	2.0.4
alex_kellner	powermail	2.0.5
alex_kellner	powermail	2.0.6
alex_kellner	powermail	2.0.7
alex_kellner	powermail	2.0.8
alex_kellner	powermail	2.0.9
alex_kellner	powermail	2.0.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.0:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "852C029A-368F-4842-B476-D4D0FF28984E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.1:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "A263A4C5-8DFC-4E27-9933-F91E4E2975DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.2:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "808FBA6A-46FB-4D03-97E4-CDD0FF7E9D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.3:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "B5EE43D3-2ECC-42E4-BE59-B45EFB7A2012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.4:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "99FBC6DE-94B0-4519-8037-850B925EC275",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.5:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "5F362ED4-18ED-4694-A7DB-EE1C681211C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.6:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "8B1C1B4D-687A-49D9-8FF5-4C478D6E6582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.7:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "6C6DF662-67CD-47E1-98B2-1485A59431DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.8:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "3D9ABB8B-B020-4EE7-ABA1-1931FB206405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.9:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "1700A775-8FCF-4FA3-96E6-6464ED0332A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:2.0.10:*:*:*:*:typo3:*:*",
              "matchCriteriaId": "82F57D30-B6FF-4A8D-94EE-E6355B9E12B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La extensi\u00f3n de powermail versiones 2.x anteriores a 2.0.11 para TYPO3, permite a los atacantes remotos omitir el mecanismo de protecci\u00f3n CAPTCHA por medio de vectores no especificados."
    }
  ],
  "evaluatorComment": "Per http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/, only version 2.0.0 - 2.0.10 are vulnerable.",
  "id": "CVE-2014-6288",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-03T14:55:08.820",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-006/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-11-17 21:55

Modified

2025-04-11 00:51

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/74461
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/74461

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
alex_kellner	powermail	1.5.1
alex_kellner	powermail	1.5.3
typo3	typo3	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B02261C5-E11F-4D82-9609-CB1E54BDDF6D",
              "versionEndIncluding": "1.6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ECCDE1E-F3B4-4CD5-8C47-C29BC6C19686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7B1C99-CEA5-4128-B29B-AF8D71B492A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66C5ABA-7727-4562-A792-5E450098D520",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la extensi\u00f3n PowerMail antes de v1.6.5 para TYPO3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados.\r\n"
    }
  ],
  "id": "CVE-2012-5889",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-11-17T21:55:01.923",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74461"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-01-15 19:30

Modified

2025-04-09 00:30

Severity ?

Summary

SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38167	Vendor Advisory
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.2/
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38167	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.2/
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/	Vendor Advisory

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0
typo3	typo3	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D40FD2-4D38-4A27-8F62-DA7C538A3FBA",
              "versionEndIncluding": "1.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F114F8E-08DE-4C8A-A0F7-567A7A822E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9677B8-7E32-4020-845B-FD31B327491D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC6F692-1F1E-4FB4-9EFA-57F0D0938256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9820C6-B4E6-4632-A6D4-D7EA093B1800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AEDCA4-5AC0-4970-99B4-9BE02C880AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "303CC902-BBDA-417C-90C5-6CC316ED2E90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A9CDAD5-EE32-47C9-9A94-5FDA002C58BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2065E944-5F55-4ABF-A20E-F5D4CEED0F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C13C053-62AD-4866-AA6E-B6E3862734FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84BCD42-ACAC-47B7-BC11-162BDF37E5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAB0DA1-D646-41F9-9E49-EFB3E3D6753A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A32130E-4799-41D3-8323-8B3B4B8B5453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC13061-9822-4399-A4A1-EBEED9742EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CEE2A8-AC38-4581-B56C-399781D73A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C0415B2-89B6-4D75-AD24-DD6152110D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C905E945-4195-448E-B2B6-8C7F9C3FABCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5897048-EE9A-4DB1-9802-27018E665A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFC2BB8-B4ED-4DC0-A391-7ACB2DD94E1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CF73D1-AA5E-4A6C-95B8-3AD4FD7EC7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7FEED-4451-43DA-9811-E7F6AA589F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4670C29-5B52-4172-8AED-0AD01229778A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "384FD986-C33D-4A87-A0ED-8EE51AD5BEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A6CF5F4-67D7-4495-B610-13959A10B97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D7E4A4-5887-40B8-860E-91F102A24D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7055F350-0EE7-4DE7-8FB6-26A0F2D80224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C414A1EC-ED36-4113-87EE-496D0CE6C296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CC9389-53A8-43D8-9D03-9DBBEA26065C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2597C92A-BE72-4246-B2E7-F7B316E6BECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D0154-08BF-42AB-B97C-C0485BD34E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AFE66F2-621A-4F9A-8D99-C5F96D2BC528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F32EE91-CF3B-495C-9AEB-CF5F7A49E55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79D18B0-E52B-4A80-BA0D-664BE32A667B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83192D4F-A044-456E-968C-78FD3F8782B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "027479DC-5EA0-4BAE-8F45-DB8CD2E7DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29168B6A-3D80-4DC7-A69E-E069B1627A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C3558-53F7-401D-94D4-ABC5A2DCB18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6783329E-53C6-4FAC-A76A-CDB15C30EE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D85EF2D-D597-4BF8-8D42-65DF495F5B16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED148E81-A7BF-4E80-9BA7-1A95D4192521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBCFF6F8-1913-4095-BB33-F371EA162CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5C372F-D442-44EA-9B74-A724261F7347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8B22DF-AC72-4A1D-BAC8-41AA612EEEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6293BE50-CEC2-4564-B323-5518CB5F26A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "46449EDA-9CD5-4FFC-ACC3-AE23D4CC3758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C94B49F-3249-4FF7-8D71-EFB59EB0B69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CE2E63-4B3B-4F37-983E-084058BB012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA972B4-3307-4A9C-9E9A-F4DCA04B3320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE015AC-7FF4-445A-9112-576ECA6131A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA35D7C-6EAA-4E57-B229-771FBAE2616C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBAD78D-2EEA-4E84-A31D-A8DB9A4ED6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "129FBFD3-5DF3-4C03-8416-89C9295F7245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5696F1A2-1A78-43F0-B52A-13C4B1A9989F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6F4864-877C-4FBA-99F8-CA138E089B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFE7AC9-06A3-4BCC-96F4-F978DE2A12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95ADBE-FB92-427A-9C12-6F4DB32AB7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0661B887-07D1-4C97-A810-747D34F1854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA8D2162-DEBA-400A-9BF4-CE2D5C8E59AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD48C215-3464-49B3-AB9B-FAC18A0D6420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DAF9E4-959D-44C6-85A4-0F9124FDEC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A773CA49-4B9D-44AC-92A6-107514320987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A774AE5-7A2E-460A-A8E4-FC3AEEFD1F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7D81F3-C67F-4326-BB7F-414D6ADDAFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C87E0-772E-4840-BC53-C7AF9D7B8DC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the \"SQL selection field\" and \"typoscript.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL en la extensi\u00f3n de TYPO3 powermail v1.5.1 y anteriores permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s de vectores no especificados relacionados con \"typoscript\" y el campo \"de selecci\u00f3n SQL\"."
    }
  ],
  "id": "CVE-2010-0329",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-15T19:30:00.707",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-06-04 14:55

Modified

2025-04-12 10:46

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/58909
cve@mitre.org	http://typo3.org/extensions/repository/view/powermail
cve@mitre.org	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007	Vendor Advisory
cve@mitre.org	http://www.openwall.com/lists/oss-security/2014/06/03/3
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/58909
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/extensions/repository/view/powermail
af854a3a-2127-422b-91ae-364da2661108	http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2014/06/03/3

Impacted products

Vendor	Product	Version
alex_kellner	powermail	*
alex_kellner	powermail	1.6.0
alex_kellner	powermail	1.6.1
alex_kellner	powermail	1.6.2
alex_kellner	powermail	1.6.3
alex_kellner	powermail	1.6.5
alex_kellner	powermail	1.6.6
alex_kellner	powermail	1.6.7
alex_kellner	powermail	1.6.8
alex_kellner	powermail	1.6.9
typo3	typo3	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CEE9042-76F5-402D-B933-5659780A7548",
              "versionEndIncluding": "1.6.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "97566C8C-A05C-4226-AFB2-BED8F0CA51B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BFEF153-A62D-499B-BD7E-11E4F6F7BEF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1199C635-5A1F-4884-9E1B-26326FCA0C20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A4E47D2-4A1A-4153-B6CE-6C679DD186BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE4E946-B3CF-44ED-B68B-F74C7BFF67EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F23EADCC-2791-441A-B971-1AC05AC5604F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0554C6A-5E57-4D81-BCED-5BCD63E73162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6959629-9543-4DD5-82D9-027716C07802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alex_kellner:powermail:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E6D0AB-6B7C-4E3B-8639-A224CE551E0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66C5ABA-7727-4562-A792-5E450098D520",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en el asistente de exportaci\u00f3n HTML en el m\u00f3dulo backend en la extensi\u00f3n powermail anterior a 1.6.11 para TYPO3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-3948",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-06-04T14:55:05.403",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/58909"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/06/03/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://typo3.org/extensions/repository/view/powermail"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/06/03/3"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerabilites related to alex_kellner - powermail

CVE-2010-4892 (GCVE-0-2010-4892)

Vulnerability from cvelistv5

CVE-2012-5889 (GCVE-0-2012-5889)

Vulnerability from cvelistv5

CVE-2014-3947 (GCVE-0-2014-3947)

Vulnerability from cvelistv5

CVE-2014-3948 (GCVE-0-2014-3948)

Vulnerability from cvelistv5

CVE-2010-3604 (GCVE-0-2010-3604)

Vulnerability from cvelistv5

CVE-2014-6288 (GCVE-0-2014-6288)

Vulnerability from cvelistv5

CVE-2010-0329 (GCVE-0-2010-0329)

Vulnerability from cvelistv5

CVE-2010-3605 (GCVE-0-2010-3605)

Vulnerability from cvelistv5

CVE-2010-3687 (GCVE-0-2010-3687)

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd