EUVD-2025-7733

Malicious code in bioql PyPI...

CVE-2025-27156

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

CVE-2025-27156

Tuleap CVE-2025-27156 affects the mass emailing feature, where HTML content in emails is not sanitized, enabling content injection that could facilitate phishing or indirect exploitation of recipients’ mail clients. Affected versions include Tuleap Community Edition prior to 16.4.99.1740567344 an...

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

Major BEC Phishing Ring Cracked Open with 3 Arrests

Three men suspected of participating in a massive business email compromise BEC ring have been arrested in Lagos, Nigeria. A joint INTERPOL, Group-IB and Nigeria Police Force cybercrime investigation resulted in the arrest of the Nigerian nationals, believed to be responsible for distributing...

Envoy: Abuse of API can Lead to DoS

Issue Description The researcher identified that it is possible to abuse the manual creation of employees via the api, meaning that a malicious attacker can create a trial account and use this to mass spam users' with emails, the screenshot below shows the mass amount of emails that can be sent i...

VU Online Mailing SQL Vulnerable

Exploit for asp platform in category web applications ================================ VU Online Mailing SQL Vulnerable ================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...

Mantis < 0.18.3 / 0.19.0a2 Multiple Vulnerabilities

According to its banner, the remote version of Mantis contains multiple flaws that may allow an attacker to use it to perform a mass emailing, to inject HTML tags in the remote pages, or to execute arbitrary commands on the remote host if PHP's 'registerglobals' setting is enabled. %NASLMINLEVEL...