EUVD-2018-6835

Malware in sbrugna...

WordPress PCRecruiter Extensions plugin <= 1.4.22 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by yudha in WordPress Plugin PCRecruiter Extensions versions = 1.4.22...

PT-2024-33233 · Lorex · Com.Lorexcorp.Lorexping

Name of the Vulnerable Software and Affected Versions: com.lorexcorp.lorexping version 1.4.22 Description: An issue in the firmware update process allows a remote attacker to obtain sensitive information. Recommendations: For version 1.4.22, update to a newer version that contains a fix for this...

CVE-2023-33981

Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...

CVE-2023-33980

Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...

Briar 安全漏洞

Briar is an open source software communication technology from Briar Open Source. It is designed to provide secure and resilient peer-to-peer communications that operate without a central server and minimize external dependencies. A security vulnerability exists in versions of Briar prior to 1.4....

PT-2023-24614 · Briar · Briar

Name of the Vulnerable Software and Affected Versions: Briar versions prior to 1.4.22 Description: The issue allows attackers to cause a denial of service, resulting in repeated application crashes, by sending a series of long messages to a contact. This is achieved through the Bramble...

PT-2023-24615 · Briar · Briar

Name of the Vulnerable Software and Affected Versions: Briar versions prior to 1.4.22 Description: The issue allows attackers to spoof other users' messages in a blog, forum, or private group. However, each spoofed message would need to be an exact duplicate of a legitimate message displayed...

CVE-2023-33980

Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...

Briar 资源管理错误漏洞

Briar is an open source software communication technology from Briar Open Source. It is designed to provide secure and resilient peer-to-peer communications that operate without a central server and minimize external dependencies. A security vulnerability exists in Briar versions prior to 1.4.22...

SUSE CVE-2018-14954

The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute...

SquirrelMail code issue vulnerability (CNVD-2021-29843)

SquirrelMail is a set of PHP language development , cross-platform Webmail mail system . A code issue vulnerability exists in the compose.php file in SquirrelMail version 1.4.22. The vulnerability stems from an improper design or implementation during code development for a web system or product...

SquirrelMail Code Issue Vulnerability

SquirrelMail is a set of PHP language development , cross-platform Webmail mail system . A code issue vulnerability exists in the compose.php file in SquirrelMail version 1.4.22. The vulnerability stems from an improper design or implementation during code development for a web system or product...

CVE-2020-14933

compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method such as wakeup or destruct, and any...

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

PT-2020-14070 · Squirrelmail · Squirrelmail

Name of the Vulnerable Software and Affected Versions: SquirrelMail version 1.4.22 Description: The issue arises in compose.php, where the $attachments value from an HTTP POST request is passed to unserialize. This could potentially lead to PHP object injection. However, the vendor disputes this,...

SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-20986)

SquirrelMail is a set of PHP language development , cross-platform Webmail mail system . A cross-site scripting vulnerability exists in SquirrelMail versions 1.4.22 and later and version 1.5.x before 1.5.2. The vulnerability stems from a lack of proper validation of client data by the web...

SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2018-17524)

SquirrelMail is a cross-platform use of PHP4 development Webmail mail system . A cross-site scripting vulnerability exists in the email message display page in SquirrelMail 1.4.22 and earlier versions. This vulnerability can be exploited by remote attackers to inject malicious scripts into a web...

SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-19608)

SquirrelMail is a cross-platform use of PHP4 development Webmail mail system . A cross-site scripting vulnerability exists in the email message display page in SquirrelMail 1.4.22 and earlier versions, which can be exploited by remote attackers to inject malicious scripts into a web page and...

SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-19609)

SquirrelMail is a cross-platform use of PHP4 development Webmail mail system . A cross-site scripting vulnerability exists in the email message display page of SquirrelMail 1.4.22 and earlier versions, which can be exploited by remote attackers to inject malicious scripts into a web page and...