Dokploy 信任管理问题漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy from 0.27.0 to 0.29.3 had a security vulnerability related to trust management. This vulnerability stemmed from a hardcoded BETTERAUTHSECRET fallback value, which allowed unauthorized attackers to forge email-base...

EUVD-2000-0385

Malware in sbrugna...

Mattermost: ABLE TO TRICK THE VICTIM INTO USING A CRAFTED EMAIL ADDRESS FOR A PARTICULAR SESSION AND THEN LATER TAKE BACK THE ACCOUNT

A vulnerability was found in a website that allowed an attacker to trick a victim into using a crafted email address for a particular session, leading to the attacker taking back the victim's account and accessing their private messages. The vulnerability was triggered by removing the email value...

Matrix Synapse 跨站脚本漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A cross-site scripting vulnerability was previously present in Matrix Synapse version 1.27.0, which allowed an attacker to exploit the vulnerability to insert forged content into an email message...

Unspecified Vulnerability in Mattermost Server (CNVD-2020-35448)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 3.8.2, 3.7.5 and 3.6.7. An attacker can exploit the vulnerability to add a forged link to an email notification...

HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay

source: https://www.securityfocus.com/bid/30320/info HiFriend is prone to an open-email-relay vulnerability. An attacker could exploit this issue by constructing a script that would send unsolicited bulk email to an unrestricted amount of email addresses with a forged email address. !/usr/bin/per...

Webbler CMS 3.1.3 - Mail A Friend Open Email Relay

source: https://www.securityfocus.com/bid/25045/info The 'webbler' is prone to an open-email-relay vulnerability. An attacker may leverage the issue to use webservers that are hosting the vulnerable software to send arbitrary unsolicited bulk email. Attackers may also forge email messages that...

CVE-2000-1203

Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service CPU consumption by forging an email message with the sender as [email protected] localhost, which causes Domino to enter a mail loop...

CVE-2000-0386

The CVE-2000-0386 entry concerns FileMaker Pro 5 Web Companion, where remote attackers can send anonymous or forged email. The provided documents confirm this description but do not include deeper root-cause, affected versions, exploit details, or remediation. No explicit fix/version information ...

CVE-2000-0386

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email...

CVE-2000-0386

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email...