MINI-3578-8495-MPMW

Bulletin has no description...

CVE-2026-8495

creationtimestamp| type| source ---|---|--- 2026-05-20 02:32:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmauimk56x2v 2026-06-03 11:01:11+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnexgahs4r2j...

MAL-2025-8495 Malicious code in @malware-test-betid-skart-pirns-cleft/test-mlw3-betid-skart-pirns-cleft (npm)

The package @malware-test-betid-skart-pirns-cleft/test-mlw3-betid-skart-pirns-cleft was found to contain malicious code...

CVE-2025-8495

A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/editadminquery.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack...

CVE-2025-8495

A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/editadminquery.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack...

CVE-2025-8495

CVE-2025-8495 affects code-projects Intern Membership Management System 1.0. The vulnerability is in an unknown function in the file /admin/edit_admin_query.php; manipulating the Username parameter leads to a remote SQL injection. The exploit has been publicly disclosed, indicating potential in-t...

CVE-2020-8495

In Kronos Web Time and Attendance webTA 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and...

CVE-2024-8495

A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-8495

creationtimestamp| type| source ---|---|--- 2024-11-12 18:03:07+00:00| seen| https://t.me/cvedetector/10636...

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

CVE-2023-48116

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

Cross site scripting

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

PT-2023-30705 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 Description: The issue allows stored XSS via a crafted description of a Calendar appointment. Recommendations: For versions 8495 through 8664, update to version 8747 or later to resolve the...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, simple mail transfer protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

PT-2023-30704 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 before 8747 Description: The issue allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. Recommendations: Fo...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

PT-2023-30703 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 Description: The issue allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows...

Kronos Web Time And Attendance Privilege Escalation (CVE-2020-8495)

A privilege escalation vulnerability exists in Kronos Web Time And Attendance. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit

Exploit for java platform in category web applications Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...