31 matches found
EUVD-2004-0535
Malware in sbrugna...
EUVD-2023-31363
Malicious code in bioql PyPI...
CVE-2023-27627
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions...
CVE-2023-27627 WordPress Woocommerce Email Report Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in eggemplo Woocommerce Email Report plugin <= 2.4 versions...
CVE-2023-27627
CVE-2023-27627 is an Unauthenticated Reflected XSS in the WordPress plugin Eggemplo WooCommerce Email Report (versions
PT-2023-21264 · Unknown · Eggemplo Woocommerce Email Report
Name of the Vulnerable Software and Affected Versions: eggemplo Woocommerce Email Report plugin versions <= 2.4. Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website...
WordPress Woocommerce Email Report Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS)
Software: Woocommerce Email Report; Type: Plugin; Vulnerable versions: <= 2.4; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-27627; Patch priority: High; CVSS severity: High (7.1); Developer: Claim ownership; PSID: 629859a93d95; Credits: Yuki Haruma...
Malicious Package
Overview email-report is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious code in email-report (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a26f280816f19cb1307ffabf2da3a9ecf9e78f457545b2957088c98eb976447 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2709 Malicious code in email-report (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a26f280816f19cb1307ffabf2da3a9ecf9e78f457545b2957088c98eb976447 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-0027
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
CVE-2022-0027
CVE-2022-0027 involves an improper authorization vulnerability in Palo Alto Networks Cortex XSOAR where authenticated users in non-Read-Only groups can generate an email report containing summary information about all incidents, including those the user cannot access. Affected: Cortex XSOAR 6.1–6...
CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications. 1CRM On-Premise Software 8.5.7 Stored XSS. Exploit Title: 1CRM On-Premise Software 8.5.7 - Cross-Site Scripting. Date: 19/07/2019. Exploit Author: Kusol...
Bomb Threats Emailed Around the World
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom ...
mongoaudit - A Powerful MongoDB Auditing and Pentesting Tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. Installing with pip: This is the recommended installation method in case you have python and pip: pip install mongoaudit. Alternative installer: Use this if and only...
email_report
This plugin sends a short report containing only vulnerabilities by email to the specified addresses. There are some configurable parameters: smtpServer, smtpPort, toAddrs, fromAddr. Plugin type: Output. Options:
Name | Type | Default Value | Description | Help
---|---|---|---|---
smtpServer | string | localhost | SMTP...