101 matches found
WordPress Plugin WP Mail Log 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WP Mail Log Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)
Software WP Mail Log Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3088 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID c9c7904c5be6 Credits Alex Thomas Required privile...
WP Mail Log < 1.1.2 - Unauthenticated Stored Cross-Site Scripting
The plugin does not properly sanitize and escape email contents, leading to a potential Stored Cross-Site Scripting vulnerability. This issue allows for arbitrary web scripts to be injected into pages, which will execute when a user accesses an affected page...
CVE-2022-45807
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
CVE-2022-45807
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
CVE-2022-45807 WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
CVE-2022-45807 WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF in WPVibes WP Mail Log plugin = 1.0.1 versions...
CVE-2022-45807
CVE-2022-45807 is a CSRF vulnerability in the WPVibes WP Mail Log plugin, affecting versions <= 1.0.1. The NVD entry reports a CVSS v3.1 base score of 8.8 (HIGH) with network attack vector, requiring user interaction and no privileges, and impact to confidentiality, integrity, and availability...
WordPress Plugin WP Mail Log 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2023-14759 · Wpvibes · Wpvibes Wp Mail Log
Name of the Vulnerable Software and Affected Versions: WPVibes WP Mail Log plugin versions 1.0.1 and earlier Description: The issue is related to Cross-Site Request Forgery CSRF in the WPVibes WP Mail Log plugin. This means an attacker can trick a user into performing unintended actions on a web...
CVE-2020-12784
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...
CVE-2020-12784
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...
Design/Logic Flaw
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...
CVE-2020-12784
CVE-2020-12784 affects cPanel prior to 86.0.14. The issue allows remote attackers to trigger a bandwidth suspension by abusing specific mail log strings (SEC-505). Public references (NVD/Red Hat/CVE listings) corroborate a network-trajectory issue with low attack complexity and no authentication ...
CVE-2020-12784
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings SEC-505...
CVE-2012-2324
Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...
Sql injection
Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...
Mandriva Update for mailgraph MDVA-2010:206 (mailgraph)
Check for the Version of mailgraph OpenVAS Vulnerability Test Mandriva Update for mailgraph MDVA-2010:206 mailgraph Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CVE-2001-1075
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file...