Vulnerabilities > Interspire > Email Marketer > 6.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-09 | CVE-2022-44790 | SQL Injection vulnerability in Interspire Email Marketer Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. | 7.5 |
2022-10-11 | CVE-2022-40777 | Unrestricted Upload of File with Dangerous Type vulnerability in Interspire Email Marketer Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. | 8.8 |