Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2024/07/27 8:15 a.m.14 views

CVE-2024-5969

The AIomatic - Automatic AI Content Writer for WordPress is vulnerable to arbitrary email sending vulnerability in versions up to, and including, 2.0.5. This is due to insufficient limitations on the email recipient and the content in the 'aiomaticsendemail' function which are reachable via AJAX...

5.8CVSS0.00483EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/06/13 1:15 p.m.4 views

CVE-2022-0745

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

6.5CVSS5.6AI score0.00277EPSS
Exploits2References2
Positive Technologies
Positive Technologiesadded 2020/01/15 12:0 a.m.3 views

PT-2020-15300 · Cloudbees +1 · Jenkins Health Advisor By Cloudbees Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Health Advisor by CloudBees Plugin versions 3.0 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient. The form validati...

5CVSS4.4AI score0.00061EPSS
Exploits0References7
OSV
OSVadded 2019/11/13 6:15 p.m.2 views

CVE-2019-16949

An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the beginning of the chat where the user enters in their name and e-mail address. This POST request can be modified to change the message...

6.5CVSS6.7AI score
Exploits0References1
Prion
Prionadded 2015/06/16 5:59 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name in the recipient To address of an ema...

3.5CVSS5.7AI score0.00253EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessusadded 2011/06/13 12:0 a.m.15 views

Box.net File Share Detection Email Recipient Detection

Binary data 5949.prm...

7.3AI score
Exploits0References1
NVD
NVDadded 2010/09/17 8:0 p.m.7 views

CVE-2010-3457

Multiple cross-site scripting XSS vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 fieldswebsite parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or 2 send-emailrecipient parameter to...

4.3CVSS5.8AI score0.01601EPSS
Exploits1References5
NVD
NVDadded 2005/11/20 9:3 p.m.14 views

CVE-2005-3351

SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients "To" addresses, which triggers a bus error in Perl...

5CVSS6.3AI score0.17898EPSS
Exploits0References17
exploitpack
exploitpackadded 2000/07/18 12:0 a.m.12 views

Microsoft Outlook 97982000 Outlook Express 4.05.0 - GMT Field Buffer Overflow (1)

Microsoft Outlook 97982000 Outlook Express 4.05.0 - GMT Field Buffer Overflow 1 source: https://www.securityfocus.com/bid/1481/info All versions of Microsoft Outlook and Outlook Express are vulnerable to buffer overflow attacks where a remote user is capable of executing arbitrary code on an emai...

0.2AI score
Exploits0
Rows per page
Query Builder