EUVD-2026-18631

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

CVE-2026-27655

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

CVE-2026-27655

Affected product/component: Zohocorp ManageEngine Exchange Reporter Plus (ManageEngine Exchange Reporter Plus) Vulnerability: Stored XSS in the Permissions Based on Mailboxes report. Affected versions: before 5802. Root cause/impact: Stored XSS vulnerability within the specified report, with no f...

CVE-2026-27655 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

CVE-2026-27655 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

CVE-2026-27655

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

ZOHO ManageEngine Exchange Reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a web-based Exchange Server reporting tool developed by ZOHO Corporation. Previous versions of Zohocorp ManageEngine Exchange Reporter Plus, including version 5802, contained security vulnerabilities. These vulnerabilities stemmed from a storage...

CVE-2026-32752

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, the ThreadPolicy::edit method contains a broken access control vulnerability that allows any authenticated user regardless of role or mailbox access to read and modify all...

EUVD-2026-13219

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, the ThreadPolicy::edit method contains a broken access control vulnerability that allows any authenticated user regardless of role or mailbox access to read and modify all...

Microsoft Graph Enterprise Intelligence Collector

This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...

Microsoft Graph Advanced Intelligence Collector

This Metasploit auxiliary module interacts with the Microsoft Graph API to perform advanced intelligence collection in Microsoft 365 environments. The module supports Azure AD application authentication or direct access tokens and enables enumeration of Azure users, SharePoint sites, OneDrive...

EUVD-2004-1087

Malware in sbrugna...

EUVD-2001-1266

Malware in sbrugna...

EUVD-2007-1817

Malware in sbrugna...

EUVD-2001-1212

Malware in sbrugna...

EUVD-2007-2226

Malware in sbrugna...

EUVD-2008-4558

Malware in sbrugna...

CVE-2025-48475

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the System does not provide a check on which "clients" of the System an authorized user can view and edit, and which ones they cannot. As a result, an authorized user who does not have access to any of the...

CVE-2019-19200

REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users...

Mailbox Insecurity

It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can open any mailbox. I get that a single master key makes the whole system easier, but it's very fragile security...