Vulnerabilities (CVE)

Filtered by vendor Activewebsoftwares Subscribe
Filtered by product Active Newsletter
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6286 1 Activewebsoftwares 1 Active Newsletter 2024-11-21 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote attackers to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber.asp or (b) start.asp. NOTE: some of these details are obtained from third party information.