Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newsletter vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2004-0621
admin.php in Newsletter ZWS allows remote malicious users to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
Zaireweb Solutions Newsletter Zws
1 EDB exploit
755
VMScore
CVE-2008-0683
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the newsletter parameter.
Wordpress St Newsletter Plugin
1 EDB exploit
NA
CVE-2023-25020
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-25031
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-25061
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-3540
A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to launch...
Simplephpscripts Newsletter Script Php 2.4
755
VMScore
CVE-2007-1696
SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the NewsPaperID parameter.
Active Web Softwares Active Newsletter
1 EDB exploit
NA
CVE-2023-47686
Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.
Kibokolabs Arigato Autoresponder And Newsletter
NA
CVE-2023-45829
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in HappyBox Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress plugin <= 2.0.1 versions.
Happybox Newsletter \\& Bulk Email Sender
515
VMScore
CVE-2006-2608
artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote malicious users to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefin...
Artmedic Webdesign Artmedic Newsletter 4.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »