9 matches found
CVE-2023-38194
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...
CVE-2023-38194
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...
CVE-2023-38190
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...
CVE-2023-38193
CVE-2023-38193 affects SuperWebMailer 9.00.0.01710, where a crafted sendmail command line allows Remote Code Execution. The NVD entry assigns CVSS 3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8), indicating high impact with network access, low privileges required, and no user inte...
PT-2023-26328 · Unknown · Superwebmailer
Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered that allows for XSS via crafted incorrect passwords in the superadmincreate.php file. Recommendations: For SuperWebMailer version 9.00.0.01710, as a temporary workaround...
SuperWebMailer Cross-Site Scripting Vulnerability
Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file keepalive.php...
SuperWebMailer Command Injection Vulnerability
Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710 that stems from the presence of a Remote Code Execution RCE vulnerability. An attacker can...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
SuperWebMailer Cross-Site Scripting Vulnerability
Superwebmailer is a Web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file...