81 matches found
CVE-2024-24131
SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting XSS vulenrability via the component api.php...
CVE-2024-24131
SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting XSS vulenrability via the component api.php...
PT-2024-20285 · Unknown · Superwebmailer
Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.31.0.01799 Description: The issue is a reflected cross-site scripting XSS problem. It occurs via the "api.php" component. Cross-site scripting XSS is a type of security vulnerability that allows an attacker to inject...
Superwebmailer Cross-Site Scripting Vulnerability
Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A cross-site scripting vulnerability exists in Superwebmailer version v9.31.0.01799, which stems from a cross-site scripting vulnerability in the component api.php...
CVE-2024-24131
CVE-2024-24131 affects SuperWebMailer, specifically version 9.31.0.01799, with a reflected cross-site scripting (XSS) vulnerability in the api.php component. The vulnerability allows unauthenticated attackers to execute arbitrary JavaScript in a victim’s browser, potentially enabling cookie or se...
CVE-2023-38194
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...
CVE-2023-38193
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...
CVE-2023-38194
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...
CVE-2023-38193
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...
CVE-2023-38193
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...
CVE-2023-38194
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...
CVE-2023-38192
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...
CVE-2023-38192
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...
CVE-2023-38192
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...
CVE-2023-38190
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...
CVE-2023-38190
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...
CVE-2023-38190
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...
Sql injection
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...
Remote code execution
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...
Design/Logic Flaw
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...