CVE-2026-53868

Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock emails in pending deletion state. Attackers can permanently lock legitimate users out of the platform for 3...

EUVD-2019-5872

Malware in sbrugna...

EUVD-2024-48392

Malicious code in bioql PyPI...

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

CVE-2024-7472

lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API /v1/users/send-verification and Sign up API /auth/signup. An unauthenticated attacker can inject data into outgoing emails by bypassing the extractFirstName function using a different whitespace...

CVE-2024-7472

lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API /v1/users/send-verification and Sign up API /auth/signup. An unauthenticated attacker can inject data into outgoing emails by bypassing the extractFirstName function using a different whitespace...

PT-2024-18984 · Rubygems · Omniauth-Microsoft Graph

Name of the Vulnerable Software and Affected Versions: omniauth-microsoft graph versions prior to 2.0.0 Description: The implementation did not validate the legitimacy of the email attribute of the user nor did it give or document an option to do so, making it susceptible to nOAuth misconfigurati...

Stripo Inc: multiple email usage -my.stripo.email-

I first went to the "my.stripo.emai" view and registered with my google account. Then I entered the profile. I have replaced my email with an email that is not registered with your google account.I received a verification message on the email I changed. The button was not clicked. I copied it by...

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

PT-2019-13805 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue allows an attacker to modify the e-mail usage value of a victim's account using their own account, due to an insecure object reference. Recommendations: For version 0.9.8.851, at the...