Superwebmailer: >> Superwebmailer >> 5.60.0.01190 Security Vulnerabilities
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.
CVSS Score
9.8
EPSS Score
0.918
Published
2020-07-14
Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-03-19