SuperWebMailer < 7.40.0.01550 - Unauthenticated Remote Code Execution via Language Parameter
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.