phpmynewsletter software vulnerabilities
vulnerabilities.aspcode.net
Searching phpmynewsletter software vulnerabilities
admin/index.php in Gregory Kokanosky phpMyNewsl
phpMyNewsletter
|
admin/indexphp
|
configuration
|
modification
|
Kokanosky
|
attackers
|
provides
|
Gregory
|
earlier
|
service
|
allows
|
remote
|
before
|
access
|
denial
|
cause
|
beta5
|
login
|
which
|
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
admin/send_mod.php in Gregory Kokanosky phpMyNe
admin/send_modphp
|
phpMyNewsletter
|
administrative
|
credentials
|
Kokanosky
|
attackers
|
Location
|
subject
|
compose
|
message
|
missing
|
request
|
earlier
|
Gregory
|
list_id
|
fields;
|
admin/
|
format
|
direct
|
e-mail
|
header
|
prints
|
remote
|
allows
|
MsgId
|
value
|
which
|
beta5
|
under
|
send
|
post
|
exit
|
does
|
via
|
but
|
not
|
admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/.
Software vulnerabilities results 1 to 3 of 3
Page:
1