Lucene search
K

81 matches found

Prion
Prion
added 2023/10/21 1:15 a.m.13 views

Cross site scripting

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...

5.8CVSS5.9AI score0.01116EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/10/21 12:0 a.m.44 views

CVE-2023-38190

CVE-2023-38190 affects SuperWebMailer 9.00.0.01710. The issue is an Export SQL Injection via the size parameter in the affected application. Root cause: exploitable SQL injection in the parameterized export flow, allowing an attacker to inject SQL commands. Impact per sources: data exposure, modi...

8.8CVSS9.1AI score0.00665EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.5 views

SuperWebMailer SQL Injection Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a SQL injection vulnerability in parameter size...

8.8CVSS7.9AI score0.00665EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/21 12:0 a.m.26 views

CVE-2023-38193

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...

9.1AI score0.01286EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/21 12:0 a.m.27 views

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...

6.1AI score0.0114EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/21 12:0 a.m.5 views

PT-2023-26329 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue in SuperWebMailer allows Remote Code Execution via a crafted sendmail command line. Recommendations: For SuperWebMailer version 9.00.0.01710, consider restricting access to the sendmai...

8.8CVSS8.8AI score0.01286EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/10/21 12:0 a.m.4 views

PT-2023-26330 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered that allows for XSS via a GET parameter in the keepalive.php file. Recommendations: For SuperWebMailer version 9.00.0.01710, consider restricting access to the...

6.1CVSS5.9AI score0.0114EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.5 views

SuperWebMailer Command Injection Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710 that stems from the presence of a Remote Code Execution RCE vulnerability. An attacker can...

8.8CVSS8AI score0.01286EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.8 views

SuperWebMailer Cross-Site Scripting Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file...

6.1CVSS5.7AI score0.01116EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/10/21 12:0 a.m.12 views

CVE-2023-38190

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...

8.2AI score0.00665EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/21 12:0 a.m.18 views

CVE-2023-38192

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...

6.1AI score0.01116EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/21 12:0 a.m.20 views

CVE-2023-38190

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter...

9.3AI score0.00665EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/21 12:0 a.m.16 views

CVE-2023-38192

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords...

5.9AI score0.01116EPSS
Exploits1References2
CVE
CVE
added 2023/10/21 12:0 a.m.63 views

CVE-2023-38194

SuperWebMailer (v9.00.0.01710) is affected by a Cross-Site Scripting (XSS) in keepalive.php achievable via a GET parameter. Root cause: insufficient input validation and lack of proper output encoding in that script. Impact: could allow attackers to execute malicious scripts in a user’s browser, ...

6.1CVSS5.8AI score0.0114EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/10/21 12:0 a.m.47 views

CVE-2023-38193

CVE-2023-38193 affects SuperWebMailer 9.00.0.01710, where a crafted sendmail command line allows Remote Code Execution. The NVD entry assigns CVSS 3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8), indicating high impact with network access, low privileges required, and no user inte...

8.8CVSS8.8AI score0.01286EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/21 12:0 a.m.12 views

CVE-2023-38193

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...

7.6AI score0.01286EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/21 12:0 a.m.3 views

PT-2023-26328 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered that allows for XSS via crafted incorrect passwords in the superadmincreate.php file. Recommendations: For SuperWebMailer version 9.00.0.01710, as a temporary workaround...

6.1CVSS6AI score0.01116EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/10/21 12:0 a.m.4 views

PT-2023-26326 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: The issue allows for Export SQL Injection via the size parameter. This enables potential attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification...

8.8CVSS8.7AI score0.00665EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.5 views

SuperWebMailer Cross-Site Scripting Vulnerability

Superwebmailer is a web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file keepalive.php...

6.1CVSS5.7AI score0.0114EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/10/21 12:0 a.m.144 views

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter...

5.8AI score0.0114EPSS
Exploits1References2
Rows per page
Query Builder