9 matches found
Post SMTP < 2.8.7 - Admin+ SQL Injection
Description The plugin does not properly sanitise and escape several parameters before using them in SQL statements, leading to a SQL injection exploitable by high privilege users such as admin. In ps-delete-email-logs action: Visit the Post SMTP Email Log page and run the following code in the...
TONGDA Office Anywhere SQL Injection Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. Tongda OA 2017 11.9 and earlier versions have a SQL injection vulnerability that originates from a SQL injection vulnerability in the file pda/pad/email/delete.php...
Mautic Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery CSRF vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that 1 delete email campaigns or 2 delete contacts...
Design/Logic Flaw
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account...
Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15885)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "Delete Email Alerts" method in versions of Quest DR Series disk backup software prior to version 4.0.3.1. An attacker could exploit this vulnerability to execute commands...
CVE-2017-8874
Multiple cross-site request forgery CSRF vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that 1 delete email campaigns or 2 delete contacts...
DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys
DirectAdmin 1.34.4 - Multiple Cross-Site Request Forgerys ============================================================================= Title : Multi CSRF vulnerability in DirectAdmin 1.34.4 Date : 20-3-2010 Version : 1.34.4 Author : K053 K053.Dev0te3 AT gmail Tested on : Ubuntu Vendor :...
Multi CSRF vulnerability in DirectAdmin (1.34.4)
Exploit for unknown platform in category web applications ================================================ Multi CSRF vulnerability in DirectAdmin 1.34.4 ================================================ ============================================================================= Title : Multi CS...
Chipmunk Newsletter CSRF Vulnerabilities
No description provided by source. ------------------------------------------------------------------------------------------------- Title: Chipmunk Newsletter CSRF Vulnerabilities Author: Milos Zivanovic Date: 11. December 2009...