CVE-2010-0329 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 60%

Affected Products (NVD)

Vendor	Product	Version
alex_kellner	powermail	𝑥 ≤ 1.5.1
alex_kellner	powermail	1.0.1
alex_kellner	powermail	1.0.2
alex_kellner	powermail	1.0.3
alex_kellner	powermail	1.0.4
alex_kellner	powermail	1.0.5
alex_kellner	powermail	1.0.6
alex_kellner	powermail	1.0.7
alex_kellner	powermail	1.0.8
alex_kellner	powermail	1.0.9
alex_kellner	powermail	1.0.10
alex_kellner	powermail	1.0.11
alex_kellner	powermail	1.0.12
alex_kellner	powermail	1.1.0
alex_kellner	powermail	1.1.1
alex_kellner	powermail	1.1.2
alex_kellner	powermail	1.1.3
alex_kellner	powermail	1.1.4
alex_kellner	powermail	1.1.5
alex_kellner	powermail	1.1.6
alex_kellner	powermail	1.1.7
alex_kellner	powermail	1.1.8
alex_kellner	powermail	1.1.9
alex_kellner	powermail	1.1.10
alex_kellner	powermail	1.2.0
alex_kellner	powermail	1.2.1
alex_kellner	powermail	1.2.2
alex_kellner	powermail	1.2.3
alex_kellner	powermail	1.2.4
alex_kellner	powermail	1.3.1
alex_kellner	powermail	1.3.2
alex_kellner	powermail	1.3.3
alex_kellner	powermail	1.3.4
alex_kellner	powermail	1.3.5
alex_kellner	powermail	1.3.6
alex_kellner	powermail	1.3.7
alex_kellner	powermail	1.3.8
alex_kellner	powermail	1.3.9
alex_kellner	powermail	1.3.10
alex_kellner	powermail	1.3.11
alex_kellner	powermail	1.3.12
alex_kellner	powermail	1.3.13
alex_kellner	powermail	1.3.14
alex_kellner	powermail	1.3.15
alex_kellner	powermail	1.3.16
alex_kellner	powermail	1.4.1
alex_kellner	powermail	1.4.2
alex_kellner	powermail	1.4.3
alex_kellner	powermail	1.4.4
alex_kellner	powermail	1.4.5
alex_kellner	powermail	1.4.6
alex_kellner	powermail	1.4.7
alex_kellner	powermail	1.4.8
alex_kellner	powermail	1.4.9
alex_kellner	powermail	1.4.10
alex_kellner	powermail	1.4.11
alex_kellner	powermail	1.4.12
alex_kellner	powermail	1.4.13
alex_kellner	powermail	1.4.14
alex_kellner	powermail	1.4.15
alex_kellner	powermail	1.4.16
alex_kellner	powermail	1.4.17
alex_kellner	powermail	1.4.18
alex_kellner	powermail	1.5.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

References

http://secunia.com/advisories/38167

http://typo3.org/extensions/repository/view/powermail/1.5.2/

http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/

http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/

http://secunia.com/advisories/38167

http://typo3.org/extensions/repository/view/powermail/1.5.2/

http://typo3.org/extensions/repository/view/powermail/1.5.2/info/changelog.txt/

http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/