56 matches found
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
PT-2026-36116
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
EUVD-2026-26382
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
PT-2026-7027
Name of the Vulnerable Software and Affected Versions D-Link DI-7100G C1 version 24.04.18D1 Description A flaw exists in the start proxy client email function that can allow for command injection. This issue can be exploited remotely. Recommendations At the moment, there is no information about a...
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
EUVD-2026-5119
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
CVE-2026-20711
CVE-2026-20711 describes a Cross-site scripting vulnerability in the E-mail function of Cybozu Garoon, affecting version range 5.0.0 through 6.0.3. The issue is triggered via the E-mail component and is reported to allow an attacker to reset arbitrary users’ passwords. The provided documents iden...
Cybozu Garoon 跨站脚本漏洞
Cybozu Garoon is a portal-based OA office system developed by the Cybozu company. This system provides functions such as portals, email, bookmarks, calendar management, bulletin boards, and file management. Cybozu Garoon 6.0.3 and earlier versions had a cross-site scripting vulnerability. This...
CVE-2026-22601
OpenProject CVE-2026-22601 affects OpenProject 16.6.1 and earlier. A registered administrator can trigger arbitrary command execution by configuring the sendmail binary path and sending a test email, exploiting the email functionality. Root cause: insecure handling of the sendmail binary path in ...
CVE-2020-24327
Server Side Request Forgery SSRF vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites...
EUVD-2020-14551
Malware in sbrugna...
EUVD-2020-17061
Malware in sbrugna...
EUVD-2005-1644
Malware in sbrugna...
EUVD-2025-28710
Malicious code in bioql PyPI...
CVE-2025-8422
The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the sendemail function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which...
CVE-2025-8422
The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the sendemail function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which...
WordPress plugin Propovoice 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...