active newsletter vulnerabilities and exploits

(subscribe to this query)

SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the NewsPaperID parameter.

Active Web Softwares Active Newsletter

1 EDB exploit

Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote malicious users to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber....

Activewebsoftwares Active Newsletter 4.3

1 EDB exploit

The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin prior to 3.1.61 does not sanitise and escape a parameter before outputting it back in the admin dashboard when the WPML plugin is also active and configured, leading to a Reflected Cross-Site...

Unknown Newsletter, Smtp, Email Marketing And Subscribe Forms By Sendinblue Brevo Newsletter, Smtp, Email Marketing And Subscribe

In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop) before version 2.6.1 from Active Design for PrestaShop, a guest can perform SQL injection in affected versions. The method `NewsletterpopsendVerificationModuleFrontController::checkEmailSubscr...

Prestashop Newsletter Popup Pro Activedesign Newsletterpop

Shopware is an open source e-commerce software platform. before 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-i...

Shopware Shopware

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook