4 matches found
CVE-2026-43880 WWBN AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Allows Phishing from Site's Legitimate From Address
WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated...
CVE-2026-8142
Technical details are not publicly available in the provided documents. Monitor for updates.
PT-2019-4125 · Trustwave +1 · Opendmarc +1
Name of the Vulnerable Software and Affected Versions: OpenDMARC versions 1.3.2 and earlier OpenDMARC versions 1.4.x through 1.4.0-Beta1 Description: The issue is related to a signature-bypass vulnerability, specifically when dealing with multiple From: addresses in email messages. This could...
Stalker CommuniGate Pro Label Validation Vulnerability
Stalker CommuniGate Pro CGP is a comprehensive mail transfer agent MTA developed by Stalker Software, Inc. that supports multiple platforms. A security vulnerability in the implementation of the 'XML Interface to Messaging, Scheduling, and Signaling' XIMSS protocol in Stalker CGP version 6.2 stem...