Skip to main content

Mailhunter Ultimate

5 CVEs product

Monthly

CVE-2023-34210 HIGH This Week

SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Mailhunter Ultimate
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-34209 MEDIUM This Month

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mailhunter Ultimate
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-34208 MEDIUM This Month

Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Mailhunter Ultimate
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-34207 HIGH This Week

Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Mailhunter Ultimate
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-35223 CRITICAL Act Now

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Mailhunter Ultimate
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 1% CVSS 8.8
HIGH This Week

SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Mailhunter Ultimate
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mailhunter Ultimate
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Mailhunter Ultimate
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Mailhunter Ultimate
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Mailhunter Ultimate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy