Lucene search
K

4 matches found

OSV
OSV
added 2026/05/11 8:37 p.m.2 views

CVE-2026-43880 WWBN AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Allows Phishing from Site's Legitimate From Address

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated...

5.3CVSS6AI score0.00229EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/21 8:48 p.m.6 views

CVE-2005-4771

Trusted Mobility Agent PC Policy in Trust Digital Trusted Mobility Suite provides a cancel button that bypasses the domain-authentication prompt, which allows local users to sync a handheld PDA device despite a policy setting that sync is unauthorized...

4.6CVSS6.6AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.9 views

PT-2024-38169 · Hostgator · Hostgator

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A vulnerability in multi-tenant hosting allows an authenticated sender to spoof the identity of a shared, hosted domain, thus bypassing security measure...

6.5CVSS6.8AI score0.00354EPSS
Exploits0References5
securityvulns
securityvulns
added 2008/10/23 12:0 a.m.79 views

Cisco PIX / ASA multiple security vulnerabilities

Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator...

7.8CVSS3.2AI score0.02945EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder