An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page.
5.4CVSS
5.2AI Score
0.001EPSS
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.
8.8CVSS
9.1AI Score
0.001EPSS
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter.
9.8CVSS
9.8AI Score
0.002EPSS