30 matches found
EUVD-2019-7732
Malware in sbrugna...
EUVD-2020-15970
Malware in sbrugna...
EUVD-2019-7721
Malware in sbrugna...
CVE-2020-23217
A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module...
CVE-2019-17308
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...
CVE-2019-17319
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...
CVE-2020-23190
A stored cross site scripting XSS vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2020-23190
A stored cross site scripting XSS vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...
PT-2021-10853 · Phplist · Phplist
Name of the Vulnerable Software and Affected Versions: phplist version 3.5.4 Description: A stored cross site scripting XSS issue in the "Import emails" module allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For phplist version 3.5.4...
CVE-2020-23217
A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module...
Cross site scripting
A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module...
CVE-2020-23217
A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module...
PT-2021-10860 · Phplist · Phplist
Name of the Vulnerable Software and Affected Versions: phplist version 3.5.3 Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Add a list field under the Import Emails module. Recommendations: For...
SugarCRM PHP code injection vulnerability (CNVD-2019-34429)
SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the Emails module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
CVE-2019-17308
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...
CVE-2019-17308
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...
CVE-2019-17319
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...
CVE-2019-17319
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...
Sql injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...