SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.
References
Link | Resource |
---|---|
https://blog.to.com/advisory-superwebmailer-cve-2020-11546/ | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-07-14 20:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-11546
Mitre link : CVE-2020-11546
CVE.ORG link : CVE-2020-11546
JSON object : View
Products Affected
superwebmailer
- superwebmailer
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')