23 matches found
EUVD-2006-4279
Malware in sbrugna...
EUVD-2024-31783
Malicious code in bioql PyPI...
EUVD-2025-23601
Malicious code in bioql PyPI...
CVE-2025-8548
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...
CVE-2025-8548 atjiu pybbs Registered Email SettingsApiController.java sendEmailCode information exposure
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...
CVE-2025-8548 atjiu pybbs Registered Email SettingsApiController.java sendEmailCode information exposure
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email lea...
CVE-2025-8548
Affects atjiu pybbs up to 6.0.0 in the Registered Email Handler: the sendEmailCode function (SettingsApiController.java) exposes information via error messages when the email argument is manipulated. The issue can be remotely triggered with high attack complexity; exploitation is publicly disclos...
PT-2025-31906 · Unknown · Atjiu Pybbs
Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.0 Description: A problematic issue exists in the Registered Email Handler component of atjiu pybbs. This issue affects the sendEmailCode function within the...
CVE-2024-53860
sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...
PT-2024-17774 · Unknown · Code-Projects Job Recruitment
Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A problem has been found in the file / email.php, affecting an unknown functionality. The manipulation of the email argument leads to cross-site scripting. The attack can be launched...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the improper handling of user input in the email sending functionality. An attacker can send spam, phishing emails, or other malicio...
CVE-2024-53860 Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler
sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...
CVE-2024-53860
CVE-2024-53860 concerns sp-php-email-handler, a PHP package for handling contact forms. The vulnerability allows anyone to specify arbitrary email recipients and inject user-provided content into confirmation emails, enabling abuse such as spam or phishing from the affected server and risking dom...
SP PHP Email Handler 注入漏洞
SP PHP Email Handler is a PHP package for handling contact form submissions from the individual developer Spencer14420. An injection vulnerability exists in versions of SP PHP Email Handler prior to 1.0.0, which stems from the vulnerability of messages sent to be abused, allowing an attacker to u...
PT-2024-35958 · Unknown · Sp-Php-Email-Handler
Name of the Vulnerable Software and Affected Versions: sp-php-email-handler versions prior to 1.0.0 Description: The sp-php-email-handler PHP package is vulnerable to abuse, allowing malicious actors to specify arbitrary email recipients and include user-provided content in confirmation emails...
CVE-2024-3191
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2024-3191
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2024-3191
CVE-2024-3191 affects MailCleaner up to version 2023.03.14. The issue arises from a vulnerability in the Email Handler, enabling remote OS command injection. The exploit is publicly disclosed and may be used. A patch is advised to fix the issue. Connected documents confirm vulnerability details a...
CVE-2024-3191 MailCleaner Email os command injection
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2024-3191 MailCleaner Email os command injection
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...