Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2023-38194

Disclosure Date: October 21, 2023 (last updated October 28, 2023)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-38193

Disclosure Date: October 21, 2023 (last updated October 28, 2023)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-38192

Disclosure Date: October 21, 2023 (last updated October 28, 2023)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows superadmincreate.php XSS via crafted incorrect passwords.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-38190

Disclosure Date: October 21, 2023 (last updated October 28, 2023)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-38191

Disclosure Date: October 20, 2023 (last updated October 28, 2023)
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtest_external.php XSS via a crafted filename.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0