28 matches found
EUVD-2023-38306
Malicious code in bioql PyPI...
EUVD-2023-38308
Malicious code in bioql PyPI...
EUVD-2023-38305
Malicious code in bioql PyPI...
CVE-2023-34210
SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter...
Design/Logic Flaw
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...
CVE-2023-34208
Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive...
CVE-2023-34210
CVE-2023-34210 affects EasyUse MailHunter Ultimate (versions 2023 and earlier). The vulnerability is an SQL injection in the create customer group function via the ctl00$ContentPlaceHolder1$txtCustSQL parameter, exploitable by remote authenticated users to execute arbitrary SQL commands. Public d...
CVE-2023-34210 SQL Injection in EasyUse MailHunter Ultimate
SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter...
CVE-2023-34210 SQL Injection in EasyUse MailHunter Ultimate
SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter...
CVE-2023-34209 Exposure of Sensitive System Information to an Unauthorized Control Sphere in EasyUse MailHunter Ultimate
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...
CVE-2023-34209 Exposure of Sensitive System Information to an Unauthorized Control Sphere in EasyUse MailHunter Ultimate
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...
CVE-2023-34209
CVE-2023-34209 affects EasyUse MailHunter Ultimate (2023 and earlier). A flaw in the create template function allows remote authenticated users to view the absolute path by an unencrypted VIEWSTATE parameter. The issue exposes sensitive system information to an unauthorized control sphere, with i...
CVE-2023-34208 Path Traversal in EasyUse MailHunter Ultimate
Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive...
CVE-2023-34208 Path Traversal in EasyUse MailHunter Ultimate
Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive...
CVE-2023-34208
The CVE-2023-34208 entry concerns a path traversal vulnerability in the create template function of EasyUse MailHunter Ultimate (versions 2023 and earlier). A crafted ZIP archive could let an authenticated remote user extract files to arbitrary directories, exposing sensitive data (impact to conf...
CVE-2023-34207 Unrestricted Upload of File with Dangerous Type in EasyUse MailHunter Ultimate
Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM‘ privilege via a crafted ZIP archive...
CVE-2023-34207 Unrestricted Upload of File with Dangerous Type in EasyUse MailHunter Ultimate
Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM‘ privilege via a crafted ZIP archive...
CVE-2023-34207
Summary: CVE-2023-34207 affects EasyUse MailHunter Ultimate (versions 2023 and earlier). The issue is an unrestricted upload of file with dangerous type in the create template function, enabling remote authenticated users to run arbitrary system commands with NT Authority\SYSTEM privileges via a ...
EasyUse MailHunter Ultimate Security Vulnerability
EasyUse MailHunter Ultimate is an accurate email finder tool from EasyUse China. A security vulnerability exists in EasyUse MailHunter Ultimate version 2023 and prior versions, which stems from the exposure of sensitive system information to an unauthorized Control Sphere, allowing an authenticat...
EasyUse MailHunter Ultimate SQL Injection Vulnerability
EasyUse MailHunter Ultimate is an accurate email finder tool from EasyUse China. A security vulnerability exists in EasyUse MailHunter Ultimate 2023 and prior versions, which stems from the presence of a SQL injection vulnerability that allows an authenticated remote user to execute arbitrary SQL...