19 matches found
EUVD-2004-0336
Malware in sbrugna...
EUVD-2008-6943
Malware in sbrugna...
EUVD-2025-22130
Malicious code in bioql PyPI...
CVE-2025-7393
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0...
CVE-2025-7393
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0...
CVE-2025-7393
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0...
CVE-2025-7393 Mail Login - Critical - Access bypass - SA-CONTRIB-2025-088
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0...
CVE-2025-7393
CVE-2025-7393 affects Drupal Mail Login. The issue is an improper restriction of excessive authentication attempts that enables brute-force attacks. Affected versions are Drupal Mail Login 3.0.0–3.1.x and 4.0.0–4.1.x. Root cause is incomplete protection against repeated login attempts; no exploit...
CVE-2025-7393 Mail Login - Critical - Access bypass - SA-CONTRIB-2025-088
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login allows Brute Force.This issue affects Mail Login: from 3.0.0 before 3.2.0, from 4.0.0 before 4.2.0...
Drupal Mail Login 安全漏洞
Drupal Mail Login is an email address login plugin for the Drupal community. A security vulnerability exists in Drupal Mail Login versions prior to 3.2.0 and prior to 4.2.0, which stems from an improperly restricted authentication attempt that could lead to a brute force cracking attack...
Drupal Mail Login module < 3.2.0,4.0.0-4.1.0 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by Ryugo Kinoshita dc-kinoshita in WordPress Module Mail Login versions 3.2.0,4.0.0-4.1.0...
PT-2025-28955 · Drupal · Mail Login
Name of the Vulnerable Software and Affected Versions: Drupal Mail Login versions 3.0.0 through 3.1.x Drupal Mail Login versions 4.0.0 through 4.1.x Description: An improper restriction of excessive authentication attempts exists in Drupal Mail Login, allowing for brute force attacks...
Mail Login - Moderately critical - Access bypass - SA-CONTRIB-2023-048
This module enables users to log in by email address with minimal configurations. Drupal core contains protection against brute force attacks via a flood control mechanism. This module's functionality did not replicate the flood control, enabling brute force attacks. A previous security advisory,...
Mail Login - Moderately critical - Access bypass - SA-CONTRIB-2021-047
This modules enables users to login via email address. This module does not sufficiently check user status when authenticating...
OS Commerce 2.2r2 authentication bypass
No description provided by source. When this hole was brought to our attention, we were amazed to find that it seems nobody has caught it yet!! There is a page in the admin that can be access without login AND can pass parameters!! /admin/mail.php/login.php /admin/mail.php/login.php?fooled...
CVE-2008-6984
Plesk 8.6.0, when short mail login names SHORTNAMES are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with 1 a base64-encoded username that begins with a valid shortname, or 2 a username that matches a valid password, as demonstrated using a SMTP and...
CVE-2008-6984
Plesk 8.6.0, when short mail login names SHORTNAMES are enabled, allows remote attackers to bypass authentication and send spam e-mail via a message with 1 a base64-encoded username that begins with a valid shortname, or 2 a username that matches a valid password, as demonstrated using a SMTP and...
Plesk 8.6.0 authentication flaw allows to gain virtual user priviledges
Hello, the reported vulnerability allows logins to mail and probably other services protected by plesk authentication modules on at least the current Plesk 8.6.0 Unix/Linux and could eg. be used for relaying spam through gained smtp auth priviledges. Only systems which allow short mail login name...
CVE-2004-0336
LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory...