31 matches found
EUVD-2006-2590
Malware in sbrugna...
EUVD-2025-7733
Malicious code in bioql PyPI...
EUVD-2025-2818
Malicious code in bioql PyPI...
CVE-2025-27156
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...
CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...
CVE-2025-27156
Tuleap CVE-2025-27156 affects the mass emailing feature, where HTML content in emails is not sanitized, enabling content injection that could facilitate phishing or indirect exploitation of recipients’ mail clients. Affected versions include Tuleap Community Edition prior to 16.4.99.1740567344 an...
CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...
CVE-2025-22540
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540
CVE-2025-22540 refers to an unauthenticated SQL Injection in the WordPress plugin Emailing Subscription (v1.4.1 and earlier). The issue arises from improper neutralization of input in SQL queries, enabling blind SQL injection. Public references on Red Hat and Wordfence corroborate the vulnerabili...
CVE-2025-22540 WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540 WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through 1.4.1...
WordPress plugin Emailing Subscription SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Emailing Subscription versions = 1.4.1...
CVE-2024-6201 HaloITSM - Emailing Template Injection
HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. This can lead to the leakage of potentially sensitive information. HaloITSM versions past 2.146.1 and patches starting from 2.143.61 fix the mentioned vulnerability...
Accruent LLC Maintenance Connection SQL注入漏洞
Accruent LLC Maintenance Connection is a comprehensive work order management, preventive maintenance program and parts inventory solution. A security vulnerability exists in Accruent LLC Maintenance Connection versions 2021 and 2022.2, which stems from an SQL injection during emailing to the work...
My Tickets < 1.9.11 - Bulk Emailing via CSRF
The plugin does not have CSRF check when bulk emailing, which could allow attackers to make logged in admins perform such action via a CSRF attack...
Major BEC Phishing Ring Cracked Open with 3 Arrests
Three men suspected of participating in a massive business email compromise BEC ring have been arrested in Lagos, Nigeria. A joint INTERPOL, Group-IB and Nigeria Police Force cybercrime investigation resulted in the arrest of the Nigerian nationals, believed to be responsible for distributing...
CVE-2019-11625
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. A remote background administrator privilege user or a user with permission to manage emailing could exploit the vulnerability to obtain database sensitive information...
emailing-online.net Open Redirect vulnerability
Open Bug Bounty ID: OBB-325866 Description| Value ---|--- Affected Website:| emailing-online.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...