CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Mosparo < 1.0.2 - Open Redirect

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. id: CVE-2023-5375 info: name: Mosparo 1.0.2 - Open Redirect author: shankaracharya severity: medium description: | Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. impact: | Unauthenticated attackers can exploit...

6.1CVSS5.8AI score0.433EPSS

Exploits1References4

Cvelist•added 2026/05/12 9:24 p.m.•28 views

CVE-2026-41195 mosparo: Rule package source URL stored SSRF enables internal HTTP probing

mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...

5CVSS0.00028EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 9:24 p.m.•2 views

CVE-2026-41195

5CVSS5.8AI score0.00028EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/12 9:24 p.m.•5 views

CVE-2026-41195 mosparo: Rule package source URL stored SSRF enables internal HTTP probing

5CVSS5.8AI score0.00028EPSS

Exploits0References1

CVE•added 2026/05/12 9:24 p.m.•10 views

CVE-2026-41195

In mosparo, a vulnerability exists prior to version 1.4.13 where a project member with the editor role can abuse the automatic rule package source URL feature to store an attacker-controlled URL that the server fetches. The server follows HTTP/HTTPS redirects and does not restrict private or loop...

5CVSS5.8AI score0.00028EPSS

Exploits0References1

CNNVD•added 2026/05/12 12:0 a.m.•4 views

mosparo 代码问题漏洞

Mosparo is a modern spam protection software developed under open source. Versions of Mosparo prior to 1.4.13 had code vulnerabilities. These vulnerabilities stemmed from the automatic rule package source URL feature, which allowed project members with editor roles to store URLs controlled by...

5CVSS5.9AI score0.00028EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-57977

Malicious code in bioql PyPI...

8.8CVSS6AI score0.00134EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 4:32 a.m.•6 views

CVE-2023-5687

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

8.8CVSS7AI score0.00134EPSS

Exploits1

RedhatCVE•added 2025/05/23 1:48 a.m.•3 views

CVE-2023-5375

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2...

6.1CVSS6.8AI score0.433EPSS

Exploits1References1

NVD•added 2023/10/20 5:15 p.m.•10 views

CVE-2023-5687

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

8.8CVSS6.5AI score0.00134EPSS

Exploits1References2

Prion•added 2023/10/20 5:15 p.m.•13 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

5.8CVSS5.6AI score0.00134EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/10/20 4:22 p.m.•9 views

CVE-2023-5687 Cross-Site Request Forgery (CSRF) in mosparo/mosparo

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

5.4CVSS9.1AI score0.00134EPSS

Exploits1References2

Vulnrichment•added 2023/10/20 4:22 p.m.•11 views

CVE-2023-5687 Cross-Site Request Forgery (CSRF) in mosparo/mosparo

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

5.4CVSS7AI score0.00134EPSS

Exploits1References2

OSV•added 2023/10/20 4:22 p.m.•11 views

CVE-2023-5687 Cross-Site Request Forgery (CSRF) in mosparo/mosparo

Cross-Site Request Forgery CSRF in GitHub repository mosparo/mosparo prior to 1.0.3...

5.4CVSS6AI score0.00134EPSS

Exploits1References4

CVE•added 2023/10/20 4:22 p.m.•31 views

CVE-2023-5687

CVE-2023-5687 describes a CSRF in mosparo/mosparo prior to 1.0.3. Public docs confirm a CSRF issue in logout-related flows (e.g., PoC in Huntr), with CVSS scores (NVD 8.8 High) and user interaction required. Remediation is to upgrade to version 1.0.3 or later; other sources reference logout-featu...

8.8CVSS6.5AI score0.00134EPSS

Exploits1References2Affected Software1

CNNVD•added 2023/10/20 12:0 a.m.•1 views

mosparo Cross-Site Request Forgery Vulnerability

mosparo is modern spam protection. A cross-site request forgery vulnerability exists in mosparo versions prior to 2.2.2, which stems from a cross-site request forgery vulnerability in the logout feature...

8.8CVSS6.7AI score0.00134EPSS

Exploits1References3

NVD•added 2023/10/04 9:15 a.m.•9 views

CVE-2023-5375

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2...

6.1CVSS5.3AI score0.433EPSS

Exploits1References2

Cvelist•added 2023/10/04 8:30 a.m.•17 views

CVE-2023-5375 Open Redirect in mosparo/mosparo

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2...

4.3CVSS6.5AI score0.433EPSS

Exploits1References2