31 matches found
CVE-2016-10956
The mail-masta plugin 1.0 for WordPress has local file inclusion in countofsend.php and csvexport.php...
EUVD-2017-15162
Malware in sbrugna...
EUVD-2017-15633
Malware in sbrugna...
EUVD-2017-15626
Malware in sbrugna...
CVE-2016-10956
The mail-masta plugin 1.0 for WordPress has local file inclusion in countofsend.php and csvexport.php...
CVE-2016-10956
CVE-2016-10956 affects WordPress Mail Masta 1.0, with local file inclusion in count_of_send.php and csvexport.php. The Nuclei template and other sources confirm unauthenticated LFI (example PoC). Impact per sources: attacker can read server files, potentially leading to information disclosure. CV...
WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02632)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Mail Masta aka mail-masta is one of the email plug-ins. WordPress Mail Masta plugin version 1.0 in...
WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02634)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Mail Masta aka mail-masta is one of the email plug-ins. WordPress Mail Masta plugin version 1.0 in...
WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02638)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Mail Masta aka mail-masta is one of the email plug-ins. WordPress Mail Masta plugin version 1.0 in...
CVE-2017-6575
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/lists/editmember.php with the GET Parameter: memberid...
CVE-2017-6575
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/lists/editmember.php with the GET Parameter: memberid...
CVE-2017-6578
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/subscriberlist.php with the POST Parameter: subscriberemail...
CVE-2017-6576
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id...
CVE-2017-6572
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/lists/addmember.php with the GET Parameter: filterlist...
CVE-2017-6573
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id...
CVE-2017-6570
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id...
CVE-2017-6573
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id...
CVE-2017-6578
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/subscriberlist.php with the POST Parameter: subscriberemail...
Sql injection
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta aka mail-masta plugin 1.0 for WordPress. This affects ./inc/subscriberlist.php with the POST Parameter: subscriberemail...
CVE-2017-6577
The CVE-2017-6577 entry describes a SQL injection vulnerability in the Mail Masta (mail-masta) WordPress plugin version 1.0. The flaw is exploitable via the POST parameter list_id in ./inc/subscriber_list.php, requiring WordPress admin access to exploit. Impact, per the CVSS data in the record, i...