Lucene search
K

197 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4669

Malware in sbrugna...

5CVSS6.4AI score0.0116EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-0879

Malware in sbrugna...

4.3CVSS6.4AI score0.0172EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-19090

Malware in sbrugna...

6.1CVSS6.3AI score0.00581EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29277

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00842EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-29278

Malicious code in bioql PyPI...

8.8CVSS5.8AI score0.00681EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.7 views

CVE-2023-48116

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

5.4CVSS5.6AI score0.00355EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.7 views

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

5.4CVSS5.9AI score0.00355EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 7:44 p.m.7 views

CVE-2021-32234

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution...

9.8CVSS7.6AI score0.02089EPSS
Exploits0References1
NVD
NVD
added 2023/12/21 3:15 p.m.17 views

CVE-2023-48116

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

5.4CVSS0.00355EPSS
Exploits1References2
NVD
NVD
added 2023/12/21 3:15 p.m.19 views

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

5.4CVSS0.00355EPSS
Exploits1References2
Prion
Prion
added 2023/12/21 3:15 p.m.20 views

Cross site scripting

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

4.9CVSS5.7AI score0.00355EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/12/21 3:15 p.m.20 views

Cross site scripting

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

4.9CVSS6AI score0.00355EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.3 views

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

5.4CVSS5.8AI score0.00355EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/12/21 12:0 a.m.22 views

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

5.4AI score0.00355EPSS
Exploits1References2
CVE
CVE
added 2023/12/21 12:0 a.m.37 views

CVE-2023-48115

SmarterMail 8495–8664 before 8747 is vulnerable to stored DOM XSS caused by an XSS protection mechanism being skipped when messageHTML and messagePlainText are set in the same request. Exploitation details are not provided in the documents, but the approved remediation is to upgrade to 8747 or la...

5.4CVSS5.2AI score0.00355EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/12/21 12:0 a.m.20 views

CVE-2023-48116

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

5.3AI score0.00355EPSS
Exploits1References2
CVE
CVE
added 2023/12/21 12:0 a.m.46 views

CVE-2023-48116

CVE-2023-48116 affects SmarterTools SmarterMail 8495–8664; a crafted Calendar appointment description enables stored XSS. Root cause: input in calendar descriptions not properly sanitized, allowing script execution within the web client. Impact is stored XSS as described; exploitation details are...

5.4CVSS5.1AI score0.00355EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/12/21 12:0 a.m.45 views

CVE-2023-48114

CVE-2023-48114 affects SmarterTools SmarterMail 8495–8664, before 8747. A stored XSS flaw arises from handling image/svg+xml and uploaded SVGs, where the app permits youtube.com variants including an @ attacker-controlled domain name. Impact is stored XSS in web context via SVG upload; no exploit...

5.4CVSS5.2AI score0.00355EPSS
Exploits1References2Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/07/14 7:48 p.m.61 views

Metasploit Weekly Wrap-Up

Authentication bypass in Wordpress Plugin WooCommerce Payments This week's Metasploit release includes a module for CVE-2023-28121 by h00die. This module can be used against any wordpress instance that uses WooCommerce payments 5.6.1. This module exploits an auth by-pass vulnerability in the...

10CVSS8.2AI score0.90655EPSS
Exploits20
Metasploit
Metasploit
added 2023/07/11 7:51 p.m.571 views

SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution

This module exploits a vulnerability in the SmarterTools SmarterMail software for version numbers use exploit/windows/http/smartermailrce msf exploitsmartermailr...

10CVSS9.2AI score0.83317EPSS
Exploits7
Rows per page
Query Builder