Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interspire email marketer 6.1.8 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-19651
admin/functions/remote.php in Interspire Email Marketer up to and including 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
6.5
CVSSv2
CVE-2018-19551
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
6.5
CVSSv2
CVE-2018-19552
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
6.5
CVSSv2
CVE-2018-19553
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php
Interspire Email Marketer
Interspire Email Marketer 6.1.8
6.5
CVSSv2
CVE-2018-19550
Interspire Email Marketer up to and including 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started