Lucene search
K

48 matches found

RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.11 views

CVE-2026-10234

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 7:0 a.m.13 views

CVE-2026-10234 Mettle sendportal Campaign webview cross site scripting

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References7
CVE
CVE
added 2026/06/01 7:0 a.m.25 views

CVE-2026-10234

CVE-2026-10234 affects Mettle SendPortal (up to 3.0.1). The vulnerability is a cross-site scripting issue in an unknown part of the file path /webview/ within the Campaign Handler, caused by manipulation of the argument content. It can be exploited remotely, and the exploit is public. No remediat...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/01 7:0 a.m.14 views

EUVD-2026-33568

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45278

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References8
NVD
NVD
added 2026/04/27 6:16 p.m.10 views

CVE-2026-7145

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS0.00235EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/27 5:45 p.m.7 views

EUVD-2026-25896

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS5.1AI score0.00235EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/27 5:45 p.m.4 views

CVE-2026-7145 mettle sendportal Invitation WorkspaceInvitationsController.php destroy authorization

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS5.4AI score0.00235EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/27 5:45 p.m.27 views

CVE-2026-7145 mettle sendportal Invitation WorkspaceInvitationsController.php destroy authorization

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS0.00235EPSS
Exploits0References5
CVE
CVE
added 2026/04/27 5:45 p.m.17 views

CVE-2026-7145

CVE-2026-7145 affects mettle SendPortal up to version 3.0.1. The vulnerability is in the destroy function of app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php (Invitation Handler), where manipulating the invitation argument leads to authorization bypass. The advisory states the a...

5.5CVSS5.6AI score0.00235EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 5:45 p.m.4 views

CVE-2026-7145

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS5.1AI score0.00235EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.15 views

PT-2026-35500

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS5.4AI score0.00235EPSS
Exploits0References8
Metasploit
Metasploit
added 2023/08/02 7:50 p.m.565 views

OSX Meterpreter, Reverse TCP Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set options... m...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2023/08/02 7:50 p.m.181 views

OSX Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and set...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2023/08/02 7:50 p.m.320 views

OSX Meterpreter, Reverse HTTP Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and set options...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/09/12 2:41 p.m.15 views

New Linux Cryptomining Malware

Its pretty nasty: The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each...

1.3AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 3:46 a.m.3 views

cloudmesh-client (>=4.2.6 <=4.4.0), coil (>=1.2.1 <=1.3.7) +6 more potentially affected by CVE-2016-10516 via werkzeug (>=0.10.1 <=0.11.10)

werkzeug PYPI version =0.10.1, =4.2.6, =1.2.1, =1.0.22, =0.7.12, =1.0.0, =1.1.1, =2.0.1 - typedjsonrpc =0.4.0 Source cves: CVE-2016-10516 Source advisory: OSV:GHSA-H2FP-XGX6-XH6F...

6.1CVSS6.6AI score0.01985EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/11/18 3:15 p.m.4 views

addok (=0.5.0), cloudmesh-client (>=4.2.6 <=4.7.3) +50 more potentially affected by CVE-2020-28724 via werkzeug (>=0.10.1 <=0.11.5)

werkzeug PYPI version =0.10.1, =4.2.6, =1.2.1, =1.0.22, =0.7.12, =0.1.1, =1.0.0, =0.0.1, =11.0.0, =11.0.0, =11.0.0, =11.0.0, =11.0.0, =11.0.0, =11.0.0, =11.0.6 and more Source cves: CVE-2020-28724 Source advisory: OSV:PYSEC-2020-157...

6.1CVSS6.3AI score0.01661EPSS
Exploits1
Metasploit
Metasploit
added 2018/10/10 9:39 a.m.361 views

Apple_iOS Meterpreter, Reverse TCP Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 643824 include...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2018/10/10 9:39 a.m.43 views

Apple_iOS Meterpreter, Reverse HTTP Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 643824 include...

7.3AI score
Exploits0
Rows per page
Query Builder