SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.
References
Link | Resource |
---|---|
https://blog.to.com/advisory-superwebmailer-cve-2020-11546/ | Exploit Third Party Advisory |
https://blog.to.com/advisory-superwebmailer-cve-2020-11546/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.to.com/advisory-superwebmailer-cve-2020-11546/ - Exploit, Third Party Advisory |
Information
Published : 2020-07-14 20:15
Updated : 2024-11-21 04:58
NVD link : CVE-2020-11546
Mitre link : CVE-2020-11546
CVE.ORG link : CVE-2020-11546
JSON object : View
Products Affected
superwebmailer
- superwebmailer
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')