CVE-2023-6381

Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11.20.0.2204. An attacker could exploit this vulnerability by sending a malicious configuration file file with SMB extension to a user via a link or email attachment and persuade the user to open the file...

CVE-2023-6381

Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11.20.0.2204. An attacker could exploit this vulnerability by sending a malicious configuration file file with SMB extension to a user via a link or email attachment and persuade the user to open the file...

CVE-2023-6381

CVE-2023-6381 affects Newsletter Software SuperMailer v11.20.0.2204. The issue is improper input validation when loading a malicious configuration file with an SMB extension delivered via link or email attachment, which can crash the application on load. Exploitation requires user action (opening...

Newsletter Input Validation Error Vulnerability

Newsletter is a one-click bulk email solution. An input validation error vulnerability exists in Newsletter Software SuperMailer version 11.20.0.2204, which originates from a vulnerability that could allow an attacker to crash the application by sending a malicious configuration file to the user...

SuperMailer v11.20 - Buffer overflow DoS

Exploit Title: SuperMailer v11.20 - Buffer overflow DoS Exploit Author: Rafael Pedrero Discovery Date: 2021-02-07 Vendor Homepage: https://int.supermailer.de/downloadnewslettersoftware.htm Software Link : https://int.supermailer.de/smintsw.zip / https://int.supermailer.de/smintswx64.zip Tested...

SuperMailer v11.20 - Buffer overflow DoS Vulnerability

Exploit Title: SuperMailer v11.20 - Buffer overflow DoS Exploit Author: Rafael Pedrero Vendor Homepage: https://int.supermailer.de/downloadnewslettersoftware.htm Software Link : https://int.supermailer.de/smintsw.zip / https://int.supermailer.de/smintswx64.zip Tested Version: v11.20 32bit/64bit...

phplist 跨站脚本漏洞

phplist is a set of open source newsletter and email marketing software from the UK-based phplist. Version 3.2.6 of phplist contains a security vulnerability that could be used by attackers to conduct cross-site scripting attacks...

phplist SQL注入漏洞

phplist is a suite of open source newsletter and email marketing software from the UK-based phplist. Version 3.2.6 of phplist contains a security vulnerability that can be exploited by attackers to conduct SQL injection attacks...

phplist 跨站脚本漏洞

phplist is a set of open source newsletter and email marketing software from phplist UK. phplist version 3.2.6 has a security vulnerability that can be exploited by attackers to conduct cross-site scripting attacks...

HCC Embedded InterNiche Buffer Overflow Vulnerability

HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in HCC Embedded InterNiche, which can be exploited by attackers to cause read/write out of bounds...

Unspecified Vulnerability in HCC Embedded InterNiche (CNVD-2021-59224)

HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in the HCC Embedded InterNiche stack and NicheLite, which stems from the TFTP message processing feature that does not guarantee that filenames end in null, and can be exploited by an attacker to cause a denial of...

HCC Embedded InterNiche 安全漏洞

HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in HCC Embedded InterNiche, which stems from a TCP emergency data handling function that may call a panic function, which can be exploited by an attacker to cause an infinite loop...

HCC Embedded InterNiche 安全特征问题漏洞

HCC Embedded InterNiche is a newsletter software. An unspecified vulnerability exists in HCC Embedded InterNiche, which can be exploited to allow an attacker to be able to predict the source port of a DNS query, and then send spoofed DNS response packets that may be accepted as valid answers...

WebGalamb suffers from a SQL injection vulnerability

Webgalamb is a suite of newsletter and email marketing software. A SQL injection vulnerability exists in Webgalamb 7.0 and prior versions, which stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit the vulnerability to execute...

MilkyStep fails to restrict access permissions

Overview MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep fails to restrict access permissions CWE-264. Note that this vulnerability is different from JVN74280258. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the...

SuperWebMailer 5.50.0.01160 Cross Site Scripting

SuperWebMailer 5.50.0.01160 XSS Cross-site Scripting Security Vulnerabilities Exploit Title: SuperWebMailer /defaultnewsletter.php" HTMLForm Parameter XSS Security Vulnerabilities Product: SuperWebMailer Vendor: SuperWebMailer Vulnerable Versions: 5..0. 4..0. Tested Version: 5..0. 4..0. Advisory...

aconon-traverse.txt

Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a commercial newsletter software, providi...

Aconon Mail 2004 Remote Directory Traversal Vulnerability

No description provided by source. Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a...

Aconon Mail 2004 - Directory Traversal

Aconon Mail 2004 - Directory Traversal Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a...