CVE-2024-25634 IDOR make user can read e-mail log sent by other events

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue...

Secure Mail - Unable to sync emails - Log Error: Caught ParserException in with Sync

Emails do not sync. Reinstalling Secure Mail does not resolve the issue. Secure Mail logs show: " 2019-07-16T10:40:23.024-0700 ",SecureMail,ERROR 2,-ActiveSyncEngine postSynchronousCommandWithData:contentType:withParser:withCommandString:withTimeout:error:,"Caught ParserException in with...

BEdita 3.4.0 CMS Multiple Vulnerabilities

Latest BEdita CMS suffers on few vulnerabilities because of poor parameter filtration and none csrf tokens. Title: BEdita 3.4.0 CMS Multiple Vulnerabilities Vendor: bedita.com Demo: site.demo.bedita.com Version: 3.4.0 Latest ATM Date: 02.06.14 Dork: intext:"Proudly powered by BEdita" Contact:...

CVE-2006-4001

CVE-2006-4001 concerns Barracuda Spam Firewall (BSF): affected firmware versions 3.3.01.001–3.3.03.053 contain a hard-coded password for the guest account, enabling remote attackers to read sensitive data such as e-mail logs and potentially e-mail contents and the admin password. Related connecte...

CVE-2006-4001

Login.pm in Barracuda Spam Firewall BSF 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password...