Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newsletter vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-0683
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the newsletter parameter.
Wordpress St Newsletter Plugin
1 EDB exploit
6.8
CVSSv2
CVE-2017-18512
The newsletter-by-supsystic plugin prior to 1.1.8 for WordPress has CSRF.
Supsystic Newsletter By Supsystic
5.1
CVSSv2
CVE-2006-2608
artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote malicious users to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefin...
Artmedic Webdesign Artmedic Newsletter 4.1
1 EDB exploit
NA
CVE-2023-25020
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-25031
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-25061
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
6.8
CVSSv2
CVE-2009-0340
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote malicious users to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
Quirm Simple Php Newsletter 1.5
1 EDB exploit
NA
CVE-2023-3540
A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to launch...
Simplephpscripts Newsletter Script Php 2.4
3.5
CVSSv2
CVE-2018-1002005
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
Kibokolabs Arigato Autoresponder And Newsletter
1 EDB exploit
NA
CVE-2023-45829
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in HappyBox Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress plugin <= 2.0.1 versions.
Happybox Newsletter \\& Bulk Email Sender
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »