OI » Email Marketing System : Security Vulnerabilities, CVEs,
Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password.
Max CVSS
1.7
EPSS Score
0.04%
Published
2006-02-28
Updated
2018-10-18
SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
Max CVSS
7.5
EPSS Score
0.60%
Published
2006-02-28
Updated
2018-10-18
2 vulnerabilities found