11 matches found
CVE-2023-4740
A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2023-54588
Malicious code in bioql PyPI...
Confluence XHR requests have the wrong content type
h3. Problem Watching or Stop watching a Confluence page and other operations see below list of identified endpoints will generate a request like the one below copied as curl from HAR capture for convenience: code:java curl 'https://confluence/rest/api/user/watch/content/9999999' \ -X 'DELETE' \ -...
CVE-2023-4740
A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft&archiveId=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2023-4740 IBOS OA Delete Draft delDraft&archiveId=0 sql injection
A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft&archiveId=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2023-4740 IBOS OA Delete Draft delDraft&archiveId=0 sql injection
A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft&archiveId=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
IBOS SQL Injection Vulnerability
IBOS is a collaborative office management system. An SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the component Delete Draft Handler. in the ?r=diary/default/del in the unknown section, resulting in sql injection...
PT-2023-30443 · Ibos Oa · Ibos Oa
Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical vulnerability was found in the Delete Draft Handler component, affecting an unknown part of the file at the endpoint "?r=email/api/delDraft&archiveId=0". The manipulation leads to SQL injection, a...
IBOS SQL Injection Vulnerability
IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the presence of an unknown part of ?r=email/api/delDraft&archiveId=0 in the component Delete Draft Handler. that leads to sql injection...
SUSE CVE-2006-6142
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 mailto parameter in a webmail.php, the 2 session and 3 deletedraft parameters in b compose.php, and 4 unspecified vectors involving "a...
Three XSS issues in SquirrelMail
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 mailto parameter in a webmail.php, the 2 session and 3 deletedraft parameters in b compose.php, and 4 unspecified vectors involving "a...