214 matches found
CVE-2026-2120 D-Link DIR-823X Configuration Parameter set_server_settings os command injection
A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...
CVE-2026-2120 D-Link DIR-823X Configuration Parameter set_server_settings os command injection
A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...
PT-2026-3799
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery CSRF vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not...
CVE-2018-18949
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings...
CVE-2024-34882
Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request...
CVE-2024-34891
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read Exchange account passwords via HTTP GET request...
IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27702)
IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by mail server settings. An attacker can exploit this...
EUVD-2025-36513
IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATEVALUE parameter when updating the default time synchronization settings. When the default values...
CVE-2025-34316 IPFire < v2.29 Stored XSS via Mail Server Settings
IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the txtmailuser and txtmailpass parameters when updating the mail server settings. When a user updates the mail...
IPFire 安全漏洞
IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by mail server settings. An attacker can exploit this...
EUVD-2020-2994
Malware in sbrugna...
EUVD-2019-9073
Malware in sbrugna...
EUVD-2019-10127
Malware in sbrugna...
EUVD-2024-42741
Malicious code in bioql PyPI...
EUVD-2023-26614
Malicious code in bioql PyPI...
EUVD-2023-28545
Malicious code in bioql PyPI...
EUVD-2022-32561
Malicious code in bioql PyPI...
EUVD-2022-47964
Malicious code in bioql PyPI...
EUVD-2023-32396
Malicious code in bioql PyPI...
EUVD-2022-48744
Malicious code in bioql PyPI...