PT-2023-21754 · Wekan · Wekan

Name of the Vulnerable Software and Affected Versions: WeKan versions prior to 6.75 Description: A stored cross-site scripting Stored XSS issue in the file preview feature allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Users with BoardAdmin...

E-mail attachment execution

Added: 01/28/2009 Background This tool sends an e-mail attachment which, when executed, establishes a command connection. Limitations This tool requires a user to execute the e-mail attachment in order to succeed. This tool requires the IP address of a working mail server which allows relaying of...