53 matches found
CVE-2021-41083
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
EUVD-2025-139342
Malicious code in nurai-sutaf-dada npm...
Malicious code in nurai-sutaf-dada (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef81260b40f691cd7318c7d0e3d02b15f31174d3edb2ea9bdc3daa17097b6b31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2005-2596
Malware in sbrugna...
EUVD-2020-16477
Malware in sbrugna...
EUVD-2021-28232
Malicious code in bioql PyPI...
CVE-2020-23736
There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes BSOD...
MiniCMS 跨站请求伪造漏洞
MiniCMS is a mini content management system designed for personal websites by Dada bg5sbk, an individual developer. A cross-site request forgery vulnerability exists in MiniCMS version 1.11, which originates from an unknown function in the file page-edit.php that can lead to cross-site request...
dada-records.de Cross Site Scripting vulnerability OBB-3692230
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3512875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3494798
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3459627
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3456511
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3412469
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dada-records.de Cross Site Scripting vulnerability OBB-3172877
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Dada Mail Cross-Site Request Forgery Vulnerability
Dada Mail is a web-based email list management system. A cross-site request forgery vulnerability exists in Dada Mail versions prior to 11.16.0. An attacker could send a crafted web page to obtain information about a user's account...
CVE-2021-41083
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
CVE-2021-41083
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
Cross site request forgery (csrf)
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...
CVE-2021-41083
CVE-2021-41083 is a CSRF vulnerability in Dada Mail prior to version 11.16.0. In affected versions, a user who is logged into the list control panel could be induced to visit a malicious page (via phishing email/SMS, etc.) that allows an attacker to perform actions in the user’s session, includin...