Lucene search
K

9 matches found

NVD
NVD
added 2023/10/21 1:15 a.m.16 views

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...

6.1CVSS5.9AI score0.0114EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/21 1:15 a.m.7 views

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...

6.1CVSS6.3AI score0.0114EPSS
Exploits1References4
NVD
NVD
added 2023/10/21 1:15 a.m.16 views

CVE-2023-38190

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...

8.8CVSS9.1AI score0.00665EPSS
Exploits1References2
CVE
CVE
added 2023/10/21 12:0 a.m.47 views

CVE-2023-38193

CVE-2023-38193 affects SuperWebMailer 9.00.0.01710, where a crafted sendmail command line allows Remote Code Execution. The NVD entry assigns CVSS 3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8), indicating high impact with network access, low privileges required, and no user inte...

8.8CVSS8.8AI score0.01286EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/21 12:0 a.m.3 views

PT-2023-26328 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered that allows for XSS via crafted incorrect passwords in the superadmincreate.php file. Recommendations: For SuperWebMailer version 9.00.0.01710, as a temporary workaround...

6.1CVSS6AI score0.01116EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.5 views

SuperWebMailer Cross-Site Scripting Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file keepalive.php...

6.1CVSS5.7AI score0.0114EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.4 views

SuperWebMailer Command Injection Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710 that stems from the presence of a Remote Code Execution RCE vulnerability. An attacker can...

8.8CVSS8AI score0.01286EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/10/20 10:15 p.m.3 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

6.1CVSS6.4AI score0.00482EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.2 views

SuperWebMailer Cross-Site Scripting Vulnerability

Superwebmailer is a Web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file...

6.1CVSS5.7AI score0.00482EPSS
Exploits1References3
Rows per page
Query Builder