Acymailing
Approved changes feed: RSS · Atom
cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:joomla\!:*:*
part: a version: * update: *
| Vendor | Acymailing (e793a6e6-12d0-5a45-ac63-062287209ca7) |
|---|---|
| Product | Acymailing (c7c89958-c94f-5b95-ae80-2f5fb5fada2c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | joomla! |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-28733 |
vulnerable | 2026-06-03 14:51:13.387654 |
Stored XSS affecting the AcyMailing plugin for Joomla
HIGH (7.2)
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
Published: 2023-03-30T11:27:40.884Z
Updated: 2025-02-11T19:17:17.402Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28732 |
vulnerable | 2026-06-03 14:51:13.387048 |
Missing access control affecting the AcyMailing plugin for Joomla
MEDIUM (6.5)
Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin in versions below 8.3.0.
Published: 2023-03-30T11:26:27.209Z
Updated: 2025-02-11T20:10:17.247Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28731 |
vulnerable | 2026-06-03 14:51:13.385139 |
Unauthenticated RCE affecting the AcyMailing plugin for Joomla
CRITICAL (9.8)
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
Published: 2023-03-30T11:25:36.854Z
Updated: 2025-02-11T20:11:00.208Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.