CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

RedhatCVE•added 2025/05/22 4:11 p.m.•3 views

CVE-2020-21783

In IBOS 4.5.4 the email function has a cross site scripting XSS vulnerability in emailbodycontent parameter...

6.1CVSS5.7AI score0.0024EPSS

Exploits1

RedhatCVE•added 2025/03/23 12:24 a.m.•15 views

CVE-2025-29230

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the pt"email" parameter...

8.6CVSS8AI score0.00251EPSS

Exploits0References1

Vulnrichment•added 2025/01/13 12:0 a.m.•7 views

CVE-2023-42226

Pat Infinite Solutions HelpdeskAdvanced = 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function...

7.5AI score0.00529EPSS

Exploits0References1

CVE•added 2025/01/13 12:0 a.m.•19 views

CVE-2023-42226

Pat Infinite Solutions HelpdeskAdvanced

7.5CVSS6.6AI score0.00529EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/07/20 7:38 a.m.•13 views

CVE-2024-6635 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. This is due to insufficient controls in the 'wooslgloginemail' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...

7.3CVSS7.1AI score0.00329EPSS

Exploits0References2

CNNVD•added 2024/03/13 12:0 a.m.•1 views

WordPress Plugin EventPrime Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.5AI score0.00229EPSS

Exploits0References3

OSV•added 2024/03/06 11:10 a.m.•15 views

BIT-DISCOURSE-2020-24327

Server Side Request Forgery SSRF vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites...

5.3CVSS5.3AI score0.00188EPSS

Exploits1References3

Vulnrichment•added 2023/06/25 12:0 a.m.•10 views

CVE-2023-36632

The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...

6.7AI score0.00279EPSS

Exploits1References4

OSV•added 2022/10/19 6:15 p.m.•14 views

CVE-2022-43018

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the email parameter in the Check Email function...

6.1CVSS6.1AI score0.0245EPSS

Exploits2References2

Vulnrichment•added 2022/10/19 12:0 a.m.•8 views

CVE-2022-43018

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the email parameter in the Check Email function...

6.1AI score0.0245EPSS

Exploits2References2

Cvelist•added 2022/10/19 12:0 a.m.•14 views

CVE-2022-43018

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the email parameter in the Check Email function...

6.2AI score0.0245EPSS

Exploits2References2

Positive Technologies•added 2022/10/17 12:0 a.m.•5 views

PT-2022-7072 · Opencats · Opencats

Name of the Vulnerable Software and Affected Versions: OpenCATS version 0.9.6 Description: The issue is related to a reflected cross-site scripting XSS vulnerability in the Check Email function of OpenCATS. This vulnerability can be exploited via the email parameter, potentially allowing a remote...

6.4CVSS5.9AI score0.0245EPSS

Exploits2References7

OSV•added 2021/09/23 6:15 p.m.•14 views

CVE-2020-24327

Server Side Request Forgery SSRF vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites...

5.3CVSS7.1AI score

Exploits0References2

Prion•added 2021/09/23 6:15 p.m.•14 views

Server side request forgery (ssrf)

Server Side Request Forgery SSRF vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites...

5CVSS5.4AI score0.00188EPSS

Exploits1References2Affected Software1

CNVD•added 2021/09/08 12:0 a.m.•16 views

EyouCMS Cross-Site Scripting Vulnerability (CNVD-2021-82430)

EyouCms is a free and open source enterprise content management system based on the TP5.0 framework that focuses on the needs of enterprise website users. A remote attacker can use the title parameter in the bindemail function to inject arbitrary web script or HTML...

4.3CVSS1.8AI score0.00405EPSS

Exploits1Affected Software1

OSV•added 2021/09/07 8:15 p.m.•11 views

CVE-2021-39499

A Cross-site scripting XSS vulnerability in Users in Qiong ICP EyouCMS 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the title parameter in bindemail function...

6.1CVSS5.8AI score

Exploits0References2

CNNVD•added 2021/09/07 12:0 a.m.•1 views

EyouCms 跨站脚本漏洞

6.1CVSS5.9AI score0.00405EPSS

Exploits1References3

OSV•added 2021/06/24 4:15 p.m.•0 views

CVE-2020-21783

In IBOS 4.5.4 the email function has a cross site scripting XSS vulnerability in emailbodycontent parameter...

6.1CVSS6.3AI score

Exploits0References1