RSS   Vulnerabilities for 'Emlsoft'   RSS

2018-08-06
 
CVE-2018-14968

CWE-89
 

 
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter.

 
 
CVE-2018-14967

CWE-89
 

 
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.

 
 
CVE-2018-14966

CWE-352
 

 
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF.

 
 
CVE-2018-14965

CWE-352
 

 
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF.

 
 
CVE-2018-14964

CWE-79
 

 
An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page.

 


Copyright 2018, cxsecurity.com

 

Back to Top