Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.13 views

CVE-2019-11332

MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456...

8.8CVSS7.2AI score0.01824EPSS
Exploits1References1
Securelist
Securelist
added 2025/12/12 10:0 a.m.6 views

Following the digital trail: what happens to data stolen in a phishing attack

Introduction A typical phishing attack involves a user clicking a fraudulent link and entering their credentials on a scam website. However, the attack is far from over at that point. The moment the confidential information falls into the hands of cybercriminals, it immediately transforms into a...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

8.6CVSS6.9AI score0.00291EPSS
Exploits1References1
OSV
OSV
added 2025/10/17 9:15 p.m.4 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

8.6CVSS5.8AI score0.00291EPSS
Exploits1References5
CVE
CVE
added 2025/10/17 12:0 a.m.16 views

CVE-2025-62643

The RBI assistant platform (Restaurant Brands International) through 2025-09-06 is affected by multiple interconnected issues. Public sources describe a remote, unauthenticated signup weakness via an open signup API, enabling account creation without proper verification, and a separate vulnerabil...

8.6CVSS6.6AI score0.00291EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/17 12:0 a.m.7 views

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

3.4CVSS0.00291EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-3013

Malware in sbrugna...

8.8CVSS8.8AI score0.01824EPSS
Exploits1References2
OSV
OSV
added 2020/07/09 3:15 p.m.8 views

CVE-2020-12398

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird 68.9.0...

7.5CVSS8.2AI score0.00976EPSS
Exploits0References3
CVE
CVE
added 2018/08/21 11:0 p.m.39 views

CVE-2018-15668

CVE-2018-15668 affects Bloop Airmail 3.5.9 for macOS. The airmail:// URL scheme’s send command can be invoked by external applications to auto-send emails from the user’s active account, with attachment_ parameters allowing any accessible file path (including relative paths) to be attached withou...

5.3CVSS5.5AI score0.0088EPSS
Exploits0References1Affected Software1
ripstech
ripstech
added 2017/10/17 12:0 p.m.30 views

flatCore CMS 1.4.6: Remote Code Execution and Easteregg

RIPS Analysis The 74,000 lines of code of the flatCore CMS were analyzed in less than 3 minutes. RIPS discovered multiple vulnerabilities ranging from open redirection CVE-2017-11205 and cross-site scripting CVE-2017-11204 to SQL injection CVE-2017-11207, many of them being exploitable as...

8.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/28 7:35 a.m.2 views

MiniBBS22 from CGI RESCUE allows unauthorized email transmission

Overview MiniBBS22 from CGI RESCUE contains a vulnerability which allows unauthorized email transmission regardless of the configuration. MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the...

5CVSS6.8AI score0.01173EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.45 views

JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission

MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...

5CVSS6.4AI score0.01173EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.39 views

JVN#76370393 FORM2MAIL from CGI RESCUE allows unauthorized email transmission

FORM2MAIL from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. FORM2MAIL contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send emails to arbitrary addresses. Solution Updat...

5CVSS6.3AI score0.01222EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.2 views

CGI RESCUE WebFORM allows unauthorized email transmission

Overview WebFORM from CGI RESCUE is software which delivers the HTML form inputs via email. WebFORM fails to check the mail headers properly, allowing a remote attacker to send email to arbitrary addresses. According to the vendor's information, FORM2MAIL also contains a similar vulnerability, an...

5CVSS6.8AI score0.01491EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

CGI RESCUE WebFORM allows unauthorized email transmission

Overview WebFORM from CGI RESCUE is software which delivers the HTML form inputs via email. WebFORM fails to check the mail headers properly, allowing a remote attacker to send email to arbitrary addresses. According to the vendor's information, FORM2MAIL also contains a similar vulnerability, an...

7.5CVSS6.8AI score0.01709EPSS
Exploits0References9
securityvulns
securityvulns
added 2007/06/04 12:0 a.m.46 views

Dansie Cart Script Exploit Reported

Synopsis : This program -deliberately- allows arbitrary commands to be executed on the victim server. One of our clients, while installing and configuring the Dansie Shopping Cart, ran into difficulty integrating PGP, the shopping cart program, and our secure server setup. While trying to assist...

0.3AI score
Exploits0
myhack58
myhack58
added 2006/12/12 12:0 a.m.23 views

Know thyself commonly used to hack Email accounts of three methods-vulnerability warning-the black bar safety net

E-mail is not secure, in the mail sending, transmitting and receiving the whole process of each link is there may be a weak link, a malicious user if the use of their vulnerability, it is possible to easily hack the account to get mail content. One, the use of the mail serveroperating...

7.3AI score
Exploits0
Rows per page
Query Builder