MidnightBSD

Advisories for sendy

CVE-2014-100011 HIGH

SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
sendy sendy 1.1.9.1
CVE-2014-100012 HIGH

SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
sendy sendy 1.1.8.4