Lucene search
Ocean12 TechnologiesMailing List Manager
3 matches found
CVE-2008-5980
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb.
5CVSS6.8AI score0.02793EPSS
CVE-2008-5978
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.
7.5CVSS8.8AI score0.00234EPSS
CVE-2008-5979
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter.
4.3CVSS5.9AI score0.01719EPSS