Skip to main content

Superwebmailer

8 CVEs product

Monthly

CVE-2024-24131 MEDIUM POC This Month

SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-38194 MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2023-38193 HIGH POC This Week

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Superwebmailer
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-38192 MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2023-38190 HIGH POC This Week

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Superwebmailer
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-38191 MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2020-11546 CRITICAL POC THREAT Act Now

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP Superwebmailer
NVD
CVSS 3.1
9.8
EPSS
31.7%
CVE-2015-2349 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Superwebmailer
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Superwebmailer
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Superwebmailer
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in SuperWebMailer 9.00.0.01710. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Superwebmailer
NVD
EPSS 32% CVSS 9.8
CRITICAL POC THREAT Act Now

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Superwebmailer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy