Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interspire vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-44790
Interspire Email Marketer up to and including 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.
Interspire Email Marketer
8.8
CVSSv3
CVE-2022-40777
Interspire Email Marketer up to and including 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an in...
Interspire Email Marketer
7.5
CVSSv3
CVE-2018-21235
An issue exists in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.
Foxitsoftware E-mail Advertising System
6.5
CVSSv3
CVE-2018-19651
admin/functions/remote.php in Interspire Email Marketer up to and including 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
8.8
CVSSv3
CVE-2018-19551
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
8.8
CVSSv3
CVE-2018-19552
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
8.8
CVSSv3
CVE-2018-19549
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
Interspire Email Marketer
8.8
CVSSv3
CVE-2018-19550
Interspire Email Marketer up to and including 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
1 EDB exploit
8.8
CVSSv3
CVE-2018-19553
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php
Interspire Email Marketer
Interspire Email Marketer 6.1.8
9.8
CVSSv3
CVE-2017-14322
The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) before 6.1.6 allows remote malicious users to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted valu...
Interspire Email Marketer
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »