Lucene search
+L

35 matches found

prion
prion
added 2018/08/06 3:29 p.m.13 views

Sql injection

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter...

7.5CVSS9.8AI score0.01135EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/08/06 3:29 p.m.4 views

CVE-2018-14968

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter...

9.8CVSS5.8AI score0.01135EPSS
Exploits1References1
osv
osv
added 2018/08/06 3:29 p.m.3 views

CVE-2018-14964

An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page...

5.4CVSS5.8AI score0.00531EPSS
Exploits1References1
nvd
nvd
added 2018/08/06 3:29 p.m.20 views

CVE-2018-14964

An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page...

5.4CVSS5.3AI score0.00531EPSS
Exploits1References1
osv
osv
added 2018/08/06 3:29 p.m.3 views

CVE-2018-14966

An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF...

8.8CVSS5.8AI score0.00494EPSS
Exploits1References1
cvelist
cvelist
added 2018/08/06 3:0 p.m.21 views

CVE-2018-14965

An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF...

8.7AI score0.00494EPSS
Exploits1References1
cvelist
cvelist
added 2018/08/06 3:0 p.m.22 views

CVE-2018-14964

An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page...

5.3AI score0.00531EPSS
Exploits1References1
cvelist
cvelist
added 2018/08/06 3:0 p.m.20 views

CVE-2018-14966

An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF...

8.7AI score0.00494EPSS
Exploits1References1
cve
cve
added 2018/08/06 3:0 p.m.35 views

CVE-2018-14964

EMLsoft 5.4.5 is affected by a cross‑site scripting (XSS) vulnerability reachable via the eml/upload/eml/?action=address&do=edit page. The issue is documented in CVE-2018-14964 with an XSS flaw that could leverage this specific URL path. The public data consistently notes XSS as the vulnerability...

5.4CVSS5.2AI score0.00531EPSS
Exploits1References1Affected Software1
cve
cve
added 2018/08/06 3:0 p.m.39 views

CVE-2018-14966

EMLsoft 5.4.5 is affected by a Cross-Site Request Forgery on the eml/upload/eml/?action=user&do=add page. The weakness allows unauthorized state-changing requests from authenticated users and, per CNVD, can enable an administrator account. Public sources in connected documents corroborate CSRF on...

8.8CVSS8.6AI score0.00494EPSS
Exploits1References1Affected Software1
cve
cve
added 2018/08/06 3:0 p.m.42 views

CVE-2018-14965

EMLsoft 5.4.5 contains a CSRF vulnerability on the endpoint eml/upload/eml/?action=address&do=add. The CVE entry notes CSRF as the issue; CVSS3.0/2.0 metrics indicate a network-accessible flaw with high impact to confidentiality, integrity, and availability (C/H/I/A at high levels) and user inter...

8.8CVSS8.6AI score0.00494EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2018/08/06 3:0 p.m.15 views

CVE-2018-14968

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter...

9.9AI score0.01135EPSS
Exploits1References1
cvelist
cvelist
added 2018/08/06 3:0 p.m.18 views

CVE-2018-14967

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter...

9.2AI score0.00995EPSS
Exploits1References1
cve
cve
added 2018/08/06 3:0 p.m.47 views

CVE-2018-14968

EMLsoft 5.4.5 has an SQL injection in upload\eml\action\action.address.php via the numPerPage parameter. A remote attacker could view, add, modify or delete data in the back-end database through this vector. Root cause: improper handling of the numPerPage parameter leading to SQL injection. No re...

9.8CVSS9.8AI score0.01135EPSS
Exploits1References1Affected Software1
cve
cve
added 2018/08/06 3:0 p.m.39 views

CVE-2018-14967

CVE-2018-14967 affects EMLsoft 5.4.5. The vulnerability is a SQL injection in upload\eml\action\action.user.php via the numPerPage parameter, allowing a remote attacker to view, add, modify, or delete information in the back-end database. No exploit details or fixes are provided in the connected ...

8.8CVSS9.1AI score0.00995EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder