Security Bulletin. Vulnerability found in Email Marketer v6.0.0 through v6.5.1
Interspire Email Marketer version 6.0.0 up to and including 6.5.1 allows SQL injection in the Surveys module. If the survey id exists, an unauthenticated attacker could exploit this to extract potentially sensitive information from the database. We recommend that all users of Email Marketer immediately take one of the following corrective actions. If you are … Read more