RSS   Vulnerabilities for 'Mailing list manager'   RSS

2009-01-26
 
CVE-2008-5980

CWE-264
 

 
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb.

 
 
CVE-2008-5979

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter.

 
 
CVE-2008-5978

CWE-89
 

 
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.

 
2005-05-03
 
CVE-2005-1419

 

 
SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter.

 

 >>> Vendor: Ocean12 technologies 6 Products
Mailing list manager
Membership manager pro
Calendar manager pro
Contact manager
Poll manager
Calendar manager


Copyright 2024, cxsecurity.com

 

Back to Top