Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
InterspireEmail Marketer

2 matches found

CVE
CVEadded 2022/12/09 9:15 p.m.51 views

CVE-2022-44790

Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.

7.5CVSS7.8AI score0.00336EPSS
CVE
CVEadded 2022/10/11 11:15 p.m.47 views

CVE-2022-40777

Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an incomplete fix for CVE-2018-19550.

8.8CVSS8.7AI score0.01976EPSS