CVE-2010-4071

Cross-site scripting XSS vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail...

CVE-2024-25214

An issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and Password parameters at /alogin.html...

CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other...

CVE-2018-20898

CVE-2018-20898 affects cPanel before 71.9980.37, where e-mail injection is possible during cPAddons moderation (SEC-396). Multiple connected records (NVD, Red Hat, PRION) corroborate the vendor-facing nature of the issue and the same description. The available documents do not provide exploit cod...

Jetbox CMS version 2.1 E-Mail Injection Vulnerability

netVigilance Security Advisory 26 Jetbox CMS version 2.1 E-Mail Injection Vulnerability Description: Jetbox content management system is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully...

jetbox-inject.txt

netVigilance Security Advisory 26 Jetbox CMS version 2.1 E-Mail Injection Vulnerability Description: Jetbox content management system is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully...

CVE-2007-1941

CVE-2007-1941 describes a Cross-site scripting (XSS) vulnerability in the Active Content Filter feature of Domino Web Access (DWA) in IBM Lotus Notes. Affected software: IBM Lotus Domino with DWA before 6.5.6 and 7.x before 7.0.2 FP1. The issue allows remote attackers to inject arbitrary web scri...