Superwebmailer Security Vulnerabilities and Issues — Superwebmailer CVE List

Lucene search

SuperwebmailerSuperwebmailer

8 matches found

CVE•added 2024/02/07 2:15 p.m.•71 views

CVE-2024-24131

SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php.

6.1CVSS6AI score0.07723EPSS

CVE•added 2023/10/21 1:15 a.m.•49 views

CVE-2023-38192

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.

6.1CVSS5.9AI score0.07546EPSS

CVE•added 2020/07/14 8:15 p.m.•47 views

CVE-2020-11546

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.

9.8CVSS9.9AI score0.91827EPSS

CVE•added 2015/03/19 2:59 p.m.•38 views

CVE-2015-2349

Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter.

4.3CVSS5.9AI score0.00256EPSS

CVE•added 2023/10/21 1:15 a.m.•38 views

CVE-2023-38194

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter.

6.1CVSS5.8AI score0.04349EPSS

CVE•added 2023/10/21 1:15 a.m.•36 views

CVE-2023-38193

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line.

8.8CVSS8.8AI score0.01701EPSS

CVE•added 2023/10/21 1:15 a.m.•32 views

CVE-2023-38190

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter.

8.8CVSS9.1AI score0.00066EPSS

CVE•added 2023/10/20 10:15 p.m.•29 views

CVE-2023-38191

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtest_external.php XSS via a crafted filename.

6.1CVSS5.8AI score0.00298EPSS