Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newsletter vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2004-0621
admin.php in Newsletter ZWS allows remote malicious users to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
Zaireweb Solutions Newsletter Zws
1 EDB exploit
890
VMScore
CVE-2014-1634
SQL Injection exists in Advanced Newsletter Magento extension prior to 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO.
Magento Advanced Newsletter
828
VMScore
CVE-2020-24433
Adobe Acrobat Reader DC versions 2020.012.20048 (and previous versions), 2020.001.30005 (and previous versions) and 2017.011.30175 (and previous versions) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delet...
Adobe Acrobat
Adobe Acrobat Dc
Adobe Acrobat Reader
Adobe Acrobat Reader Dc
760
VMScore
CVE-2007-2792
SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component prior to 1.5 beta 3 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter to index.php. NOTE: some of these details are ob...
Com Yanc Com Yanc 1.4 Beta
2 EDB exploits
755
VMScore
CVE-2008-6861
Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote malicious users to bypass authentication and gain administrative access by setting a cookie to a certain value.
Xigla Absolute Newsletter 6.1
Xigla Absolute Newsletter 6.0
1 EDB exploit
755
VMScore
CVE-2008-6286
Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote malicious users to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber....
Activewebsoftwares Active Newsletter 4.3
1 EDB exploit
755
VMScore
CVE-2008-4625
SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.
Shiftthis Shifthis Newsletter
1 EDB exploit
755
VMScore
CVE-2008-0683
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the newsletter parameter.
Wordpress St Newsletter Plugin
1 EDB exploit
755
VMScore
CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter.
Mambo Mambo 4.5
Joomla Com Newsletter
Mambo Com Newsletter
1 EDB exploit
755
VMScore
CVE-2007-1696
SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the NewsPaperID parameter.
Active Web Softwares Active Newsletter
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »