Acyba: >> Acymailing >> 1.0.4 Security Vulnerabilities
Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
CVSS Score
7.2
EPSS Score
0.005
Published
2020-03-24
SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2020-03-09
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export.
CVSS Score
8.8
EPSS Score
0.125
Published
2018-03-28