Lucene search

K

MitreCVELIST:CVE-2018-19651

HistoryNov 28, 2018 - 10:00 p.m.

CVE-2018-19651

2018-11-2822:00:00

mitre

www.cve.org

6

interspire email marketer

ssrf

remote.php

cve-2018-19651

server side request forgery

EPSS

0.001

Percentile

28.4%

admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL.

References

medium.com/%40namhb/ssrf-to-lfi-in-interspire-email-marketer-698a748462a9

EPSS

0.001

Percentile

28.4%

Related for CVELIST:CVE-2018-19651

prion1 nvd1 cve1