Security Vulnerabilities - CVEs Published In March 2017
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-09
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.
CVSS Score
7.2
EPSS Score
0.009
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.
CVSS Score
7.2
EPSS Score
0.007
Published
2017-03-09