Superwebmailer: >> Superwebmailer Security Vulnerabilities
SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php.
CVSS Score
6.1
EPSS Score
0.096
Published
2024-02-07
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line.
CVSS Score
8.8
EPSS Score
0.017
Published
2023-10-21
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter.
CVSS Score
6.1
EPSS Score
0.043
Published
2023-10-21
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-21
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.
CVSS Score
6.1
EPSS Score
0.075
Published
2023-10-21
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtest_external.php XSS via a crafted filename.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-10-20
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.
CVSS Score
9.8
EPSS Score
0.918
Published
2020-07-14
Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-03-19