SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| unu_networks | mailgust | 1.9 |
U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive information via a direct request to index.php with method=showfullcsv, which reveals the POP3 server configuration, including account name and password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| unu_networks | mailgust | 1.9 |