81 matches found
CVE-2023-38192
CVE-2023-38192: SuperWebMailer 9.00.0.01710 contains a cross-site scripting (XSS) flaw in superadmincreate.php that can be triggered by crafted incorrect passwords. The issue is documented as an XSS risk with potential impact including unauthorized access or data theft per related sources. The pr...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
Design/Logic Flaw
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
PT-2023-26327 · Unknown · Superwebmailer
Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered in SuperWebMailer that allows spamtest external.php XSS via a crafted filename. The issue is related to the filename variable, which can be exploited to execute XSS...
SuperWebMailer Cross-Site Scripting Vulnerability
Superwebmailer is a Web-based PHP newsletter software for newsletter recipient management, sending HTML newsletters, birthday emails. A security vulnerability exists in SuperWebMailer version 9.00.0.01710, which originates from a cross-site scripting XSS vulnerability in the file...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
CVE-2023-38191
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtestexternal.php XSS via a crafted filename...
CVE-2023-38191
CVE-2023-38191 affects SuperWebMailer 9.00.0.01710, where an XSS flaw exists in spamtest_external.php triggered by a crafted filename. The issue is documented across multiple sources (NVD/Red Hat/CVE listings and related advisories) as a Cross-Site Scripting vulnerability in the spamtest_external...
SuperWebMailer Remote Code Execution (CVE-2020-11546)
A remote code execution vulnerability exists in SuperWebMailer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-11546
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...
CVE-2020-11546
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...
Remote code execution
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...
CVE-2020-11546
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection...
CVE-2020-11546
SuperWebMailer CVE-2020-11546 affects version 7.21.0.01526. The vulnerability is a remote code execution in the Language parameter of mailingupgrade.php that allows an unauthenticated attacker to execute arbitrary PHP code via Code Injection. The NVD entry rates the impact as high/critical (CVSS ...
SuperWebMailer Cross-Site Scripting Vulnerability
SuperWebMailer is a WEB-based email application. A cross-site scripting vulnerability exists in SuperWebMailer defaultnewsletter.php, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack use...
CVE-2015-2349
Cross-site scripting XSS vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter...
CVE-2015-2349
The CVE-2015-2349 entry describes a cross-site scripting (XSS) vulnerability in SuperWebMailer’s defaultnewsletter.php affecting version 5.60.0.01190 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML through the HTMLForm parameter, enabling script execution in a...