18 matches found
EUVD-2022-52780
Malicious code in bioql PyPI...
CVE-2022-31184
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
PT-2024-17348 · WordPress · Jobsearch Wp Job Board
Name of the Vulnerable Software and Affected Versions: JobSearch WP Job Board plugin for WordPress versions up to 2.6.7. Description: The issue arises from the plugin not properly verifying a user's identity when verifying an email address through the user account activation function. This allows...
BIT-DISCOURSE-2022-31184 Email activation route can be abused by spammers in Discourse
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
GHSA-JGC8-GVCX-9VFX XWiki Platform Improper Authorization check for inactive users
Impact: Some resources are missing a check for inactive (not yet activated or disabled) users in XWiki, including the REST service: so a disabled user can enable themselves using a REST call. In the same way, some resource handlers created by extensions are not protected by default: so an inactive...
Discourse 2.9.x < 2.9.0.beta7 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Discourse < 2.8.6 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
CVE-2022-31184
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
Design/Logic Flaw
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
CVE-2022-31184
CVE-2022-31184 affects Discourse; an abuse of the email activation route allows mass-spam via unmitigated email flows. The root cause is not deeply detailed in the provided documents, but the mitigation is explicit: a fix has been included in the latest stable, beta, and tests-passed Discourse re...
CVE-2022-31184 Email activation route can be abused by spammers in Discourse
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
CVE-2022-31184 Email activation route can be abused by spammers in Discourse
Discourse is an open source discussion platform. In affected versions an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta and tests-passed versions of Discourse which rate limits emails. Users are advised to upgrade. Users unabl...
PT-2022-20594 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse (affected versions not specified). Description: Discourse is an open source discussion platform. In affected versions, an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta...
Joomla Account Creation and Privilege Escalation
This module creates an arbitrary account with administrative privileges in Joomla versions 3.4.4 through 3.6.3. If an email server is configured in Joomla, an email will be sent to activate the account (the account is disabled by default). This module requires Metasploit:...
Veris: Creating multiple users with the same link which is sent to email after registration
1. Go to the link for register 2. Email will be sent to the user - Email id 3. Access the same link in 2 different browsers (Google Chrome, Firefox) 4. Change the username in each browser !!!! 5. Still it works !!! I guess you got to know what the problem is !!!! the Link sent to the Email id for...
Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities
Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities. Exploit Title: Open Real Estate CMS - Multiple vulnerabilities. Date: 2013 9 August. Exploit Author: Yashar shahinzadeh. Special thanks to Mormoroth. Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir. Vendor Homepage:...
Brim 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. Brim 2.0.0 SQL/XSS Multiple Remote Vulnerabilities. Found by: Fisher762. Groups: inj3ct0r...
Brim 2.0.0 - SQL Injection Cross-Site Scripting
Brim 2.0.0 - SQL Injection Cross-Site Scripting...