14 matches found
CVE-2024-9199
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service DoS...
When spear phishing met mass phishing
Introduction Bulk phishing email campaigns tend to target large audiences. They use catch-all wordings and simplistic formatting, and typos are not uncommon. Targeted attacks take greater effort, with attackers sending personalized messages that include personal details and might look more like...
Newsletter & Bulk Email Sender <= 2.0.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Plugin Newsletter & Bulk Email Sender Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Newsletter & Bulk Email...
CVE-2023-45829
CVE-2023-45829 is a Stored XSS in the HappyBox Newsletter & Bulk Email Sender WordPress plugin (versions ≤ 2.0.1). Authenticated users with contributor+ permissions can exploit input handling that does not properly validate/escape parameters, enabling stored script execution. Impact per sources i...
WordPress Newsletter & Bulk Email Sender Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Newsletter & Bulk Email Sender Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45829 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 83ca41771be8 Credits thiennv...
@essex/powerbi-visual-scripts (=1.1.0), @essex/visual-settings (>=1.0.0 <=3.0.0) +13 more potentially affected by CVE-2018-25049 via email-existence (>=0.1.2 <=0.1.6)
email-existence NPM version =0.1.2, =1.0.0, =1.0.0, =0.1.5, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.1.6, =1.2.4 Source cves: CVE-2018-25049 Source advisory: OSV:GHSA-P27H-4CPF-FW48...
Newsletter SQL Injection Vulnerability
Newsletter is a one-click bulk email solution. A security vulnerability exists in the Newsletter v3.x series of releases that stems from a security issue with the zemeznewsletteremail parameter...
CVE-2021-44777
Cross-Site Request Forgery CSRF vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin versions = 5.2.6...
CRLF Injection
PHP is vulnerable to CRLF injection. A flaw was discovered in the way PHP's mail function processed header data. If a script sent mail using a Subject header containing a string from an untrusted source, a remote attacker could send bulk e-mail to unintended recipients...
Researchers Uncover a Nigerian Hacker's Pursuit of his Million Dollar Dream
Social engineering-driven malware threats continue to be a big threat, but new research details how cybercriminals profit off such schemes to launder hundreds of thousands of dollars from stolen credit cards of unsuspecting victims. Cybersecurity firm Check Point Research, in a report shared with...
Camelishing - Social Engineering Tool
Camelishing Social Engineering Tool Features 1. Bulk email sending 2. Basic Python Agent Creator 3. Office Excel Macro Creator 4. DDE Excel Creator or Custom Payload 5. Return Information Mail Open Track Agent Open Track 6. AutoSave 7. Statistics Report 8. User Control Installation Modules $ pip...
Snapchat: Captcha Bypass in Snapchat's Geofilter Submission Process
Hi, Overview: Snapchat provides a form in which users can submit "Geofilters". These are filters which get applied to users' snaps when they are in specific geolocations. The form https://www.snapchat.com/geofilters/submit.html allows for the submission of these "Geofilters" as an anonymous user...
HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay
source: https://www.securityfocus.com/bid/30320/info HiFriend is prone to an open-email-relay vulnerability. An attacker could exploit this issue by constructing a script that would send unsolicited bulk email to an unrestricted amount of email addresses with a forged email address. !/usr/bin/per...