CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

OSV•added 2021/02/19 11:15 p.m.•7 views

CVE-2020-24617

Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped...

8.8CVSS8.1AI score

Exploits0References2

Prion•added 2021/02/19 11:15 p.m.•9 views

Sql injection

Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped...

6CVSS9AI score0.00337EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/02/19 10:48 p.m.•10 views

CVE-2020-24617

Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped...

9.1AI score0.00337EPSS

Exploits1References2

CVE•added 2021/02/19 10:48 p.m.•70 views

CVE-2020-24617

Mailtrain 1.24.1 and earlier is affected by CVE-2020-24617 due to a SQL injection in statsClickedSubscribersByColumn (lib/models/campaigns.js) that is exploitable via /campaigns/clicked/ajax because variable column names are not properly escaped. This enables injection through a vulnerable query,...

8.8CVSS9.1AI score0.00337EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by