Lucene search
K
EasyuseMailhunter Ultimate

5 matches found

CVE
CVE
added 2022/08/02 3:21 p.m.67 views

CVE-2022-35223

CVE-2022-35223 affects EasyUse MailHunter Ultimate via its cookie deserialization function. The root cause is inadequate validation during deserializing cookies containing a malicious payload, enabling an unauthenticated remote attacker to execute arbitrary code, manipulate system commands, or in...

9.8CVSS10AI score0.0129EPSS
CVE
CVE
added 2023/10/17 4:0 a.m.66 views

CVE-2023-34208

The CVE-2023-34208 entry concerns a path traversal vulnerability in the create template function of EasyUse MailHunter Ultimate (versions 2023 and earlier). A crafted ZIP archive could let an authenticated remote user extract files to arbitrary directories, exposing sensitive data (impact to conf...

6.5CVSS6.2AI score0.00638EPSS
CVE
CVE
added 2023/10/17 3:35 a.m.63 views

CVE-2023-34207

Summary: CVE-2023-34207 affects EasyUse MailHunter Ultimate (versions 2023 and earlier). The issue is an unrestricted upload of file with dangerous type in the create template function, enabling remote authenticated users to run arbitrary system commands with NT Authority\SYSTEM privileges via a ...

9.9CVSS8.8AI score0.00645EPSS
CVE
CVE
added 2023/10/17 4:0 a.m.50 views

CVE-2023-34209

CVE-2023-34209 affects EasyUse MailHunter Ultimate (2023 and earlier). A flaw in the create template function allows remote authenticated users to view the absolute path by an unencrypted VIEWSTATE parameter. The issue exposes sensitive system information to an unauthorized control sphere, with i...

5CVSS4.5AI score0.00429EPSS
CVE
CVE
added 2023/10/17 4:0 a.m.44 views

CVE-2023-34210

CVE-2023-34210 affects EasyUse MailHunter Ultimate (versions 2023 and earlier). The vulnerability is an SQL injection in the create customer group function via the ctl00$ContentPlaceHolder1$txtCustSQL parameter, exploitable by remote authenticated users to execute arbitrary SQL commands. Public d...

8.8CVSS8.3AI score0.00582EPSS