Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

59 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-5061

Malware in sbrugna...

9CVSS7AI score0.00833EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2019-19126

Malware in sbrugna...

6.1CVSS6.3AI score0.01214EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2023-32348

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00429EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-46622

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00562EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-46623

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00578EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/07/15 8:26 a.m.14 views

CVE-2024-6741 Openfind Mail2000 - HttpOnly flag bypass

Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled...

5.8CVSS7AI score0.00644EPSS
Exploits1References3
Cvelist
Cvelistadded 2024/07/15 8:26 a.m.31 views

CVE-2024-6741 Openfind Mail2000 - HttpOnly flag bypass

Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled...

5.8CVSS0.00644EPSS
Exploits1References3
CVE
CVEadded 2024/07/15 8:26 a.m.72 views

CVE-2024-6741

Summary: Multiple sources describe a vulnerability in Openfind Mail2000 where the HttpOnly flag can be bypassed, enabling unauthenticated remote attackers to obtain the session cookie via crafted JavaScript. Affected product: Openfind Mail2000 (email web system). Technical details: Bypass of Http...

5.8CVSS5.5AI score0.00644EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2024/07/15 8:15 a.m.2 views

CVE-2024-6740

Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks...

6.1CVSS5.9AI score0.00502EPSS
Exploits1References3
NVD
NVDadded 2024/07/15 8:15 a.m.24 views

CVE-2024-6740

Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks...

6.1CVSS0.00502EPSS
Exploits1References3
Cvelist
Cvelistadded 2024/07/15 8:0 a.m.29 views

CVE-2024-6740 Openfind Mail2000 - Stored XSS

Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks...

6.1CVSS0.00502EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/07/15 8:0 a.m.31 views

CVE-2024-6740 Openfind Mail2000 - Stored XSS

Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks...

6.1CVSS6.7AI score0.00502EPSS
Exploits1References3
CNNVD
CNNVDadded 2024/07/15 12:0 a.m.3 views

Openfind Mail2000 Security Vulnerability

Openfind Mail2000 is a web-based email system from China Netrock Information Openfind. A security vulnerability exists in Openfind Mail2000 that originates from allowing bypassing the HttpOnly flag, which allows an unauthenticated, remote attacker to obtain a session cookie with the HttpOnly flag...

5.8CVSS6.7AI score0.00644EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2024/07/15 12:0 a.m.4 views

PT-2024-37836 · Openfind · Openfind Mail2000

Name of the Vulnerable Software and Affected Versions: Openfind Mail2000 affected versions not specified Description: The issue allows unauthenticated remote attackers to inject JavaScript code within email attachments, resulting in Stored Cross-site scripting attacks, due to improper validation ...

6.1CVSS6.7AI score0.00502EPSS
Exploits1References5
CNNVD
CNNVDadded 2024/07/15 12:0 a.m.21 views

Openfind Mail2000 Cross-Site Scripting Vulnerability

Openfind Mail2000 is a Web-based email system from China's Openfind. A cross-site scripting vulnerability exists in Openfind Mail2000, which originates from not properly validating email attachments, allowing an unauthenticated, remote attacker to inject JavaScript code into the attachments and...

6.1CVSS6.2AI score0.00502EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2024/07/15 12:0 a.m.6 views

PT-2024-37837 · Openfind · Openfind Mail2000

Name of the Vulnerable Software and Affected Versions: Openfind Mail2000 affected versions not specified Description: The issue allows unauthenticated remote attackers to bypass the HttpOnly flag. Attackers can exploit this using specific JavaScript code to obtain the session cookie with the...

5.8CVSS7.3AI score0.00644EPSS
Exploits1References6
OSV
OSVadded 2024/05/27 6:15 a.m.3 views

CVE-2024-5400

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS6.1AI score0.00578EPSS
Exploits0References1
NVD
NVDadded 2024/05/27 6:15 a.m.9 views

CVE-2024-5400

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS9.1AI score0.00578EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/05/27 5:36 a.m.22 views

CVE-2024-5400 Openfind Mail2000 - OS Command Injection

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS7.9AI score0.00578EPSS
Exploits0References1
CVE
CVEadded 2024/05/27 5:36 a.m.67 views

CVE-2024-5400

CVE-2024-5400 affects Openfind Mail2000, where a CGI parameter handling vulnerability enables OS command injection. Multiple sources describe that remote attackers with regular privileges can exploit improper filtering of specific CGI parameters to execute arbitrary system commands on the remote ...

8.8CVSS9.1AI score0.00578EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder