CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

270 matches found

Prion•added 2023/02/16 10:15 a.m.•330 views

Input validation

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

4.3CVSS7.6AI score0.00653EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/02/16 12:0 a.m.•7 views

CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.8CVSS6.8AI score0.00653EPSS

Exploits1References2

Cvelist•added 2023/02/16 12:0 a.m.•33 views

CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.8CVSS7.8AI score0.00653EPSS

Exploits1References2

CNNVD•added 2023/02/16 12:0 a.m.•22 views

modoboa 安全漏洞

modoboa is an email hosting and management platform for individual developers. A security vulnerability exists in versions prior to modoboa 2.0.4, which stems from improperly limiting excessive authentication attempts...

7.8CVSS7.3AI score0.00653EPSS

Exploits1References3

Positive Technologies•added 2023/02/16 12:0 a.m.•5 views

PT-2023-16567 · Modoboa · Modoboa-Installer

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa-installer versions prior to 2.0.4 Description: The issue is related to improper restriction of excessive authentication attempts. This can potentially lead to exploitation. Recommendations: For versions prior to 2.0.4, update ...

7.8CVSS7.4AI score0.00653EPSS

Exploits1References8

CVE•added 2023/02/16 12:0 a.m.•51 views

CVE-2023-0860

CVE-2023-0860 affects the GitHub repository modoboa/modoboa-installer, with the vulnerability present in versions prior to 2.0.4. The issue arises from an improper restriction of excessive authentication attempts, as documented across multiple sources. The CVSS indicates a High impact (availabili...

7.8CVSS7.5AI score0.00653EPSS

Exploits1References2Affected Software1

OSV•added 2023/02/16 12:0 a.m.•21 views

CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.8CVSS7.6AI score0.00653EPSS

Exploits1References4

Huntr•added 2023/02/13 8:17 p.m.•37 views

No Protection Against Bruteforce Attacks on Login Page in

Description Modoboa does not restrict or limit unsuccessful login attempts allowing an attacker to brute force the password of a known user Proof of Concept Steps to Reproduce: Capture login request with BurpSuite Send to Intruder Replay the login request with a different password value utilizing...

5CVSS7.5AI score0.00653EPSS

Exploits1References1

Huntr•added 2023/02/13 5:15 p.m.•20 views

The XSS playload injected in "Display Name" parameter in creating Contacts are vulnerable to Cross-Site Scripting (Stored/Persistent)

Description The XSS playload injected in "Display Name" parameter in creating Contacts are vulnerable to Cross-Site Scripting Stored/Persistent. Steps to Reproduce: 1. First is go to the user dashboard then contacts: https://demo.modoboa.org/contacts// 2. Then Add new contact, enter the payload...

5.3AI score

Exploits0

vulnersOsv•added 2023/02/10 9:30 p.m.•1 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0777 via modoboa (=1.17.0)

modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-0777 Source advisory: OSV:GHSA-RFHW-FM4M-52J6...

9.8CVSS7.5AI score0.15088EPSS

Exploits4

OSV•added 2023/02/10 9:30 p.m.•17 views

GHSA-RFHW-FM4M-52J6 Authentication Bypass in modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS9.1AI score0.15088EPSS

Exploits4References6

Github Security Blog•added 2023/02/10 9:30 p.m.•15 views

Authentication Bypass in modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS9AI score0.15088EPSS

Exploits4References6Affected Software1

NVD•added 2023/02/10 7:15 p.m.•34 views

CVE-2023-0777

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS9.3AI score0.15088EPSS

Exploits4References3

vulnersOsv•added 2023/02/10 7:15 p.m.•4 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0777 via modoboa (=1.17.0)

9.8CVSS7.2AI score0.15088EPSS

Exploits4

Prion•added 2023/02/10 7:15 p.m.•9 views

Authentication flaw

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

5CVSS9.5AI score0.15088EPSS

Exploits4References3Affected Software1

PyPA•added 2023/02/10 7:15 p.m.•6 views

PYSEC-2023-32

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS6.8AI score0.15088EPSS

Exploits4References6Affected Software1

OSV•added 2023/02/10 7:15 p.m.•13 views

PYSEC-2023-32

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

9.8CVSS7AI score0.15088EPSS

Exploits4References6

Vulnrichment•added 2023/02/10 12:0 a.m.•5 views

CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

8.6CVSS7.2AI score0.15088EPSS

Exploits4References3

OSV•added 2023/02/10 12:0 a.m.•13 views

CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

8.6CVSS8.6AI score0.15088EPSS

Exploits4References5

CNNVD•added 2023/02/10 12:0 a.m.•19 views

modoboa 安全漏洞

modoboa is an email hosting and management platform for individual developers. A security vulnerability exists in versions prior to modoboa 2.0.4. An attacker can bypass authentication by exploiting the vulnerability...

9.8CVSS8AI score0.15088EPSS

Exploits4References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by