Lucene search
K

81 matches found

CVE
CVE
added 2023/10/21 12:0 a.m.75 views

CVE-2023-38192

CVE-2023-38192: SuperWebMailer 9.00.0.01710 contains a cross-site scripting (XSS) flaw in superadmincreate.php that can be triggered by crafted incorrect passwords. The issue is documented as an XSS risk with potential impact including unauthorized access or data theft per related sources. The pr...

6.1CVSS5.9AI score0.01116EPSS
In wildExploits1References2Affected Software1
OSV
OSV
added 2023/10/20 10:15 p.m.6 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

6.1CVSS6.4AI score0.00482EPSS
Exploits1References2
NVD
NVD
added 2023/10/20 10:15 p.m.18 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

6.1CVSS5.9AI score0.00482EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/20 10:15 p.m.3 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

6.1CVSS6.4AI score0.00482EPSS
Exploits1References3
Prion
Prion
added 2023/10/20 10:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

5.8CVSS5.8AI score0.00482EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/20 12:0 a.m.5 views

PT-2023-26327 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered in SuperWebMailer that allows spamtest external.php XSS via a crafted filename. The issue is related to the filename variable, which can be exploited to execute XSS...

6.1CVSS6AI score0.00482EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.3 views

SuperWebMailer Cross-Site Scripting Vulnerability

Superwebmailer is a Web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file...

6.1CVSS5.7AI score0.00482EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/10/20 12:0 a.m.19 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

6AI score0.00482EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/20 12:0 a.m.15 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...

5.8AI score0.00482EPSS
Exploits1References2
CVE
CVE
added 2023/10/20 12:0 a.m.40 views

CVE-2023-38191

CVE-2023-38191 affects SuperWebMailer 9.00.0.01710, where an XSS flaw exists in spamtest_external.php triggered by a crafted filename. The issue is documented across multiple sources (NVD/Red Hat/CVE listings and related advisories) as a Cross-Site Scripting vulnerability in the spamtest_external...

6.1CVSS5.8AI score0.00482EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/07/29 12:0 a.m.40 views

SuperWebMailer Remote Code Execution (CVE-2020-11546)

A remote code execution vulnerability exists in SuperWebMailer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.3173EPSS
Exploits1
OSV
OSV
added 2020/07/14 8:15 p.m.3 views

CVE-2020-11546

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...

9.8CVSS8AI score0.3173EPSS
Exploits1References1
NVD
NVD
added 2020/07/14 8:15 p.m.21 views

CVE-2020-11546

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...

9.8CVSS0.3173EPSS
Exploits1References1
Prion
Prion
added 2020/07/14 8:15 p.m.14 views

Remote code execution

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...

7.5CVSS9.9AI score0.3173EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/07/14 7:16 p.m.22 views

CVE-2020-11546

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...

10AI score0.3173EPSS
Exploits1References1
CVE
CVE
added 2020/07/14 7:16 p.m.74 views

CVE-2020-11546

SuperWebMailer CVE-2020-11546 affects version 7.21.0.01526. The vulnerability is a remote code execution in the Language parameter of mailingupgrade.php that allows an unauthenticated attacker to execute arbitrary PHP code via Code Injection. The NVD entry rates the impact as high/critical (CVSS ...

9.8CVSS9.9AI score0.3173EPSS
In wildExploits1References1Affected Software1
CNVD
CNVD
added 2015/03/23 12:0 a.m.11 views

SuperWebMailer Cross-Site Scripting Vulnerability

SuperWebMailer is a WEB-based email application. A cross-site scripting vulnerability exists in SuperWebMailer defaultnewsletter.php, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack use...

4.3CVSS5.9AI score0.01927EPSS
Exploits0References1
NVD
NVD
added 2015/03/19 2:59 p.m.11 views

CVE-2015-2349

Cross-site scripting XSS vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter...

4.3CVSS5.7AI score0.01927EPSS
Exploits0References4
Prion
Prion
added 2015/03/19 2:59 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter...

4.3CVSS6.2AI score0.01927EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/03/19 2:0 p.m.53 views

CVE-2015-2349

The CVE-2015-2349 entry describes a cross-site scripting (XSS) vulnerability in SuperWebMailer’s defaultnewsletter.php affecting version 5.60.0.01190 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML through the HTMLForm parameter, enabling script execution in a...

4.3CVSS5.9AI score0.01927EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder