12 matches found
CVE-2026-40309
Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.empty function does not validate anti-CSRF tokens for trash management requests. An attacker can induce a logged-in administrator to submit a forged request that empties the trash and permanent...
PT-2025-47663
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eh crm settings empty trash' function in all versions up to, and including, 3.3.1. This makes it possible for authenticated...
EUVD-2015-5847
Malware in sbrugna...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.5 fixed: IMAP could crash when reading cached messages fixed: Enabling "Show Folder Size" on Maildir profile could render Thunderbird unusable fixed: Messages corrupted by folder compaction were only fixed by...
SUSE CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2015-5901
The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive...
Design/Logic Flaw
The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive...
CVE-2015-5901
CVE-2015-5901 affects Apple OS X Finder’s Secure Empty Trash feature, where Trash files may not be securely deleted due to improper deletion, enabling local attackers to read data from storage media (e.g., a flash drive). Affected: OS X versions prior to 10.11. Root cause: implementation failure ...
Apple OS X 'Secure Empty Trash' Security Bypass Vulnerability
Apple OS X is an operating system developed by Apple Inc. A security vulnerability exists in the "Secure Empty Trash" implementation of Apple OS X, which can be exploited by a local attacker to delete files from the Trash...
SquirrelMail: CSRF in the empty trash feature and in Index Order page
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
UBUNTU-CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...