Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
Maitra 1.7.2 allows attackers to access sensitive data and control the database
CVE-2018-25180
Summary
Maitra's mail management software has a security flaw that lets someone with a legitimate login access sensitive data and control the database. This could allow them to view or steal confidential information and disrupt the system. Update to the latest version to fix this issue.
Original title
Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inm...
Original description
Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application directory to extract sensitive mail tracking data and credentials.
nvd CVSS3.1
7.1
nvd CVSS4.0
7.1
Vulnerability type
CWE-89
SQL Injection
Published: 6 Mar 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026