5 matches found
CVE-2025-63419
Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...
CVE-2025-63419
Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...
EUVD-2012-2569
Malware in sbrugna...
Exploit for Argument Injection in Php
This repository is an exploit module for CVE-2018-19518, a vulnerability in the PHPMailer library. The exploit is written in Python and targets the PHPMailer library's use of the "mail" function to send emails. The vulnerability allows an attacker to inject malicious code into the email body, whi...
CVE-2017-11617
Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...