Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interspire email marketer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-44790
Interspire Email Marketer up to and including 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.
Interspire Email Marketer
NA
CVE-2022-40777
Interspire Email Marketer up to and including 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an in...
Interspire Email Marketer
445
VMScore
CVE-2018-21235
An issue exists in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.
Foxitsoftware E-mail Advertising System
356
VMScore
CVE-2018-19651
admin/functions/remote.php in Interspire Email Marketer up to and including 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
578
VMScore
CVE-2018-19551
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
578
VMScore
CVE-2018-19552
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
578
VMScore
CVE-2018-19553
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php
Interspire Email Marketer
Interspire Email Marketer 6.1.8
655
VMScore
CVE-2018-19550
Interspire Email Marketer up to and including 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.
Interspire Email Marketer
Interspire Email Marketer 6.1.8
1 EDB exploit
578
VMScore
CVE-2018-19549
Interspire Email Marketer up to and including 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
Interspire Email Marketer
1000
VMScore
CVE-2017-14322
The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) before 6.1.6 allows remote malicious users to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted valu...
Interspire Email Marketer
1 EDB exploit
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started