28 matches found
CVE-2026-30878
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
EUVD-2026-17261
baserCMS has Mail Form Acceptance Bypass via Public API...
CVE-2026-30878
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
CVE-2026-30878 baserCMS: Mail Form Acceptance Bypass via Public API
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
CVE-2026-30878 baserCMS: Mail Form Acceptance Bypass via Public API
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
CVE-2026-30878 baserCMS: Mail Form Acceptance Bypass via Public API
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
PT-2026-29149
baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...
EUVD-2018-9601
Malware in sbrugna...
CVE-2019-15028
In Joomla! before 3.9.11, inadequate checks in comcontact could allow mail submission in disabled forms...
SUSE CVE-2019-11499
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message...
CVE-2020-14932
An unsafe deserialization vulnerability was found in SquirrelMail. This flaw allows an authenticated user to craft malicious form data when submitting mail...
Joomla! 1.6.x < 3.9.11 Joomla 3.9.11 Release (5775-joomla-3-9-11)
According to its self-reported version, the instance of Joomla! running on the remote web server is 1.6.x prior to 3.9.11. It is, therefore, affected by a vulnerability in comcontact due to improper access control checks. A remote attacker can exploit this to submit mail in disabled forms. Note...
Joomla! < 3.9.11 Mail Submission Vulnerability
Joomla! is prone to inadequate checks in comcontact which could allow mail submission in disabled forms. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2019-15028
In Joomla! before 3.9.11, inadequate checks in comcontact could allow mail submission in disabled forms...
CVE-2019-15028
In Joomla! before 3.9.11, inadequate checks in comcontact could allow mail submission in disabled forms...
Design/Logic Flaw
In Joomla! before 3.9.11, inadequate checks in comcontact could allow mail submission in disabled forms...
CVE-2019-15028
In Joomla! before 3.9.11, inadequate checks in comcontact could allow mail submission in disabled forms...
CVE-2019-15028
CVE-2019-15028 affects Joomla! core prior to 3.9.11, where inadequate checks in the com_contact component can allow mail submission through disabled forms. Multiple connected sources confirm the issue as an improper access-control/validation problem in com_contact, enabling a remote attacker to s...
[20190801] - Core - Hardening com_contact contact form
Inadequate checks in comcontact could allowed mail submission in disabled forms...
Joomla! 1.5.x < 3.8.13 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - Mail submission in disabled forms due to inadequate checks in comcontact affects Joomla 2.5.0 through 3.8.12 - Inadequate default access level for comjoomlaupdate affects...