VYPR

EMLsoft

by EMLsoft

CVEs (4)

  • CVE-2018-14968CriAug 6, 2018
    EMLsoft
    EMLsoft
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter.

  • CVE-2018-14967HigAug 6, 2018
    EMLsoft
    EMLsoft
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.

  • CVE-2018-14965HigAug 6, 2018
    EMLsoft
    EMLsoft
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF.

  • CVE-2018-14964MedAug 6, 2018
    EMLsoft
    EMLsoft
    risk 0.35cvss 5.4epss 0.01

    An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page.