Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.7 views

PT-2026-30729

Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP function in lib/admin/session.ts trusted the first leftmost entry of the X-Forwarded-For header, which is fully controlled by the client. An attacker could forge their source IP address to...

8.7CVSS6AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 2026/03/18 4:16 p.m.4 views

CVE-2025-55045

The update address CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to manipulate user address information through CSRF. The vulnerable cUsers.updateAddress function lacks CSRF token validation, enabling malicious websites to forge requests that add, modify, or delete user addresses...

7.1CVSS0.00109EPSS
Exploits0References3
Huntr
Huntr
added 2022/04/20 3:30 p.m.14 views

no spoofing protection on email domain (No Valid SPF Records.)

What Is SPF/TXT Records? An SPF record is a type of Domain Name Service DNS record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Checking...

7AI score
Exploits0References2
CNVD
CNVD
added 2018/01/25 12:0 a.m.1 views

Mozilla Firefox Forged URL Vulnerability

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A spoofed URL vulnerability exists in Mozilla Firefox versions prior to 58 and Firefox ESR versio...

5.3CVSS8.8AI score0.02386EPSS
Exploits0References1
Rows per page
Query Builder