CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34210

SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.1%

CVSS Severity

CVSS v3 Score 7.7

References

https://zuso.ai/Advisory/ZA-2023-07
https://zuso.ai/Advisory/ZA-2023-07

Products affected by CVE-2023-34210

Easyuse » Mailhunter Ultimate » Version: N/A

cpe:2.3:a:easyuse:mailhunter_ultimate:-
Easyuse » Mailhunter Ultimate » Version: 2020

cpe:2.3:a:easyuse:mailhunter_ultimate:2020
Easyuse » Mailhunter Ultimate » Version: 2023

cpe:2.3:a:easyuse:mailhunter_ultimate:2023

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34210

Products

Pricing

Contact Us