90 matches found
CVE-2018-19651
admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request Forgery SSRF via a what=importurl= request with an http or https URL. This also allows reading local files with a file: URL...
EUVD-2018-11238
Malware in sbrugna...
EUVD-2018-11241
Malware in sbrugna...
EUVD-2018-11336
Malware in sbrugna...
EUVD-2018-13751
Malware in sbrugna...
EUVD-2018-11242
Malware in sbrugna...
EUVD-2018-11240
Malware in sbrugna...
EUVD-2018-11239
Malware in sbrugna...
EUVD-2022-44043
Malicious code in bioql PyPI...
EUVD-2022-47722
Malicious code in bioql PyPI...
CVE-2022-40777
Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveyssubmit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an incomplete fix for CVE-2018-19550...
CVE-2022-44790
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
CVE-2018-21235
An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer...
CVE-2022-44790
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
CVE-2022-44790
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
Sql injection
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
CVE-2022-44790
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
PT-2022-27313 · Interspire · Interspire Email Marketer
Name of the Vulnerable Software and Affected Versions: Interspire Email Marketer versions 6.5.1 and earlier Description: The issue allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the...
CVE-2022-44790
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists...
BigCommerec Interspire Email Marketer SQL注入漏洞
BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. BigCommerec Interspire Email Marketer version 6.0.0 suffers from a SQL injection vulnerability that originates from allowing SQL injection in the survey module, which can be exploited by an...