GCVE - cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:alex_kellner:powermail:1.5.1:*:*:*:*:*:*:*

part: a version: 1.5.1 update: *

Vendor	Alex Kellner (`02af5daf-7303-5d7b-bd6f-cfecbeb4b2a2`)
Product	Powermail (`0cc26ee9-5199-583c-bc3e-4ac43f8e3929`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/einpraegsam/powermail`	purl2cpe	2026-06-01 10:13:47.515028

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-5889`	vulnerable	2026-06-08 05:02:58.631899	Details available Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2012-11-17T21:00:00.000Z Updated: 2024-08-06T21:21:27.834Z Open on db.gcve.eu Reference links http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-004/ https://exchange.xforce.ibmcloud.com/vulnerabilities/74461	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-4892`	vulnerable	2026-06-08 04:56:31.374509	Details available Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2011-10-07T10:00:00.000Z Updated: 2024-09-16T19:56:19.783Z Open on db.gcve.eu Reference links http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-021 http://typo3.org/extensions/repository/view/powermail/1.5.5 http://secunia.com/advisories/41962	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-3687`	vulnerable	2026-06-08 04:55:16.283063	Details available Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by "[injecting] arbitrary values into validated fields," as demonstrated using the (1) Email and (2) URL fields. Published: 2010-09-29T16:00:00.000Z Updated: 2024-09-17T04:09:31.396Z Open on db.gcve.eu Reference links http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019 http://typo3.org/extensions/repository/view/powermail/1.5.4 http://secunia.com/advisories/41530	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-3605`	vulnerable	2026-06-08 04:55:15.760482	Details available Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2010-09-24T19:44:00.000Z Updated: 2024-09-17T00:17:31.547Z Open on db.gcve.eu Reference links http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019 http://typo3.org/extensions/repository/view/powermail/1.5.4 http://secunia.com/advisories/41530	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-3604`	vulnerable	2026-06-08 04:55:15.757836	Details available SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Published: 2010-09-24T19:44:00.000Z Updated: 2024-09-16T22:36:42.361Z Open on db.gcve.eu Reference links http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019 http://typo3.org/extensions/repository/view/powermail/1.5.4/ http://secunia.com/advisories/41530	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.