CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

270 matches found

Positive Technologies•added 2023/02/10 12:0 a.m.•2 views

PT-2023-16520 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.0.4 Description: The issue is related to an Authentication Bypass by Primary Weakness. There is no information provided about the estimated number of potentially affected devices worldwide or real-world...

9.8CVSS8.3AI score0.15088EPSS

Exploits4References11

CVE•added 2023/02/10 12:0 a.m.•104 views

CVE-2023-0777

CVE-2023-0777 affects modoboa/modoboa up to version 2.0.4, enabling an unauthenticated admin takeover due to a primary weakness in authentication. The NVD entry lists a critical CVSS v3.1 score (9.8) with network access, no privileges, and full confidentiality/Integrity/Availability impact. Conne...

9.8CVSS9.2AI score0.15088EPSS

Exploits4References3Affected Software1

OSV•added 2023/02/10 12:0 a.m.•13 views

CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...

8.6CVSS8.6AI score0.15088EPSS

Exploits4References5

Veracode•added 2023/02/08 8:47 a.m.•16 views

Cross-Site Scripting (XSS)

modoboa is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of santization in the name fields while creating accounts, which allows an attacker to inject and execute arbitrary JavaScript when viewing the logs and identities pages...

5.4CVSS5.5AI score0.00498EPSS

Exploits1References5Affected Software1

CNVD•added 2023/02/08 12:0 a.m.•15 views

Modoboa Cross-Site Scripting Vulnerability

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.0.4. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

7.1CVSS5.3AI score0.00498EPSS

Exploits1References1

Veracode•added 2023/02/01 4:26 a.m.•14 views

Cross-Site Scripting (XSS)

modoboa is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input before it outputs to the front end via the domain creation form, allowing an attacker to inject and execute malicious JavaScript on a victim's browser...

5.4CVSS5.2AI score0.00613EPSS

Exploits1References4Affected Software1

CNVD•added 2023/01/30 12:0 a.m.•13 views

modoboa cross-site request forgery vulnerability

modoboa is an email hosting and management platform for individual developers. modoboa versions prior to 2.0.4 are vulnerable to cross-site request forgery. An attacker could exploit this vulnerability to perform cross-site request forgery CSRF attacks...

5.4CVSS3.5AI score0.00386EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•18 views

modoboa Cross-site Request Forgery Vulnerability (CNVD-2023-05396)

6.5CVSS3.5AI score0.00348EPSS

Exploits1References1

vulnersOsv•added 2023/01/27 12:30 a.m.•2 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0470 via modoboa (=1.17.0)

modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-0470 Source advisory: OSV:GHSA-C467-5C2G-JP86...

7.1CVSS6.6AI score0.00613EPSS

Exploits1

OSV•added 2023/01/27 12:30 a.m.•22 views

GHSA-JM3M-WR3P-HJRQ Cross-site Scripting in modoboa

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.4AI score0.00498EPSS

Exploits1References5

vulnersOsv•added 2023/01/27 12:30 a.m.•3 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0519 via modoboa (=1.17.0)

7.1CVSS6.6AI score0.00498EPSS

Exploits1

Github Security Blog•added 2023/01/27 12:30 a.m.•24 views

Cross-site Scripting in modoboa

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.2AI score0.00498EPSS

Exploits1References5Affected Software1

Github Security Blog•added 2023/01/27 12:30 a.m.•22 views

Cross-site Scripting in modoboa

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.2AI score0.00613EPSS

Exploits1References5Affected Software1

OSV•added 2023/01/27 12:30 a.m.•24 views

GHSA-C467-5C2G-JP86 Cross-site Scripting in modoboa

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.4AI score0.00613EPSS

Exploits1References5

NVD•added 2023/01/26 11:15 p.m.•25 views

CVE-2023-0519

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.8AI score0.00498EPSS

Exploits1References2

vulnersOsv•added 2023/01/26 11:15 p.m.•2 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0519 via modoboa (=1.17.0)

7.1CVSS6.6AI score0.00498EPSS

Exploits1

Prion•added 2023/01/26 11:15 p.m.•22 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

6.8CVSS5.3AI score0.00498EPSS

Exploits1References2Affected Software1

PyPA•added 2023/01/26 11:15 p.m.•4 views

PYSEC-2023-31

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS6AI score0.00498EPSS

Exploits1References5Affected Software1

OSV•added 2023/01/26 11:15 p.m.•14 views

PYSEC-2023-31

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS6.6AI score0.00498EPSS

Exploits1References5

NVD•added 2023/01/26 10:15 p.m.•15 views

CVE-2023-0470

Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...

7.1CVSS5.8AI score0.00613EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by