PT-2025-47017

Name of the Vulnerable Software and Affected Versions IPCop versions up to and including 2.1.9 Description IPCop versions up to and including 2.1.9 have an issue allowing authenticated remote code execution within the web-based administration interface. The email configuration component inserts...

EUVD-2025-22077

Malicious code in bioql PyPI...

CVE-2025-41677

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...

CVE-2025-41677

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...

CVE-2025-41677

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...

CVE-2025-41677

CVE-2025-41677 describes a resource exhaustion vulnerability in MB CONNECT LINE mbNET.mini (and related Helmholz/mbNET.mini variants) where an attacker with high privileges can remotely exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in rapi...

CVE-2025-41677 Resource Exhaustion via POST Requests to send-mail Action

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...

CVE-2025-41677 Resource Exhaustion via POST Requests to send-mail Action

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession...

YouDianCMS SQL注入漏洞

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YoudianCMS v9.5.0, which originates from the lack of validation of the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php against external SQL input. This vulnerability can be exploited by attackers to execute...

PT-2006-4419 · Invision · Invision Power Board

Name of the Vulnerable Software and Affected Versions: Invision Power Board version 1.3 Final Description: The issue concerns SQL injection vulnerabilities that could allow remote attackers to execute arbitrary SQL commands. This is allegedly possible via the CODE parameter in certain actions in...

CVE-2006-3544

Multiple SQL injection vulnerabilities in Invision Power Board IPB 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a 1 Stats, 2 Mail, and 3 Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the CODE...

CVE-2006-1326

Multiple cross-site scripting XSS vulnerabilities in Invision Power Board 2.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 resulttype, 2 searchin, 3 nav, 4 forums, and 5 s parameters in the Search action to index.php; 6 st parameter to index.php with showtopics set to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Invision Power Board 2.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 resulttype, 2 searchin, 3 nav, 4 forums, and 5 s parameters in the Search action to index.php; 6 st parameter to index.php with showtopics set to...

CVE-2006-1326

Multiple cross-site scripting XSS vulnerabilities in Invision Power Board 2.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 resulttype, 2 searchin, 3 nav, 4 forums, and 5 s parameters in the Search action to index.php; 6 st parameter to index.php with showtopics set to...