Lucene search
+L

53 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-2287

Malware in sbrugna...

9CVSS8.6AI score0.04714EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-17076

Malware in sbrugna...

8.8CVSS8.6AI score0.03471EPSS
Exploits1References7
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.9 views

WordPress Access Category Password Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Access Category Password Type Plugin Vulnerable versions = 1.5.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32535 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c844ee6de29c Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00333EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/14 12:15 a.m.5 views

CVE-2023-47665

Unauth. Reflected Cross-Site Scripting XSS vulnerability in edwardplainview Plainview Protect Passwords plugin = 1.4 versions...

6.1CVSS7.3AI score0.00404EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.3 views

SUSE CVE-2015-2180

The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...

9CVSS9AI score0.04714EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.4 views

SUSE CVE-2015-2181

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the 1 password or 2 username...

8.8CVSS9.4AI score0.02867EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS8.9AI score0.03471EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.6 views

PT-2022-19383 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mask Passwords Plugin versions 3.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin does no...

5.4CVSS5.5AI score0.00798EPSS
Exploits0References7
Mageia
Mageia
added 2017/06/26 9:28 a.m.28 views

Updated roundcubemail packages fix security vulnerability

It was discovered that roundcubemail prior to 1.0.11 contained a vulnerability in the virtualmin and sasl drivers of the password plugin CVE-2017-8114...

8.8CVSS3AI score0.03471EPSS
Exploits1References2
OSV
OSV
added 2017/06/26 9:28 a.m.9 views

MGASA-2017-0181 Updated roundcubemail packages fix security vulnerability

It was discovered that roundcubemail prior to 1.0.11 contained a vulnerability in the virtualmin and sasl drivers of the password plugin CVE-2017-8114...

8.8CVSS8.7AI score0.03471EPSS
Exploits1References3
Hacker One
Hacker One
added 2017/06/21 3:42 p.m.128 views

Internet Bug Bounty: Roundcube virtualmin privilege escalation (CVE-2017-8114)

Description Password plugin in its virtualmin driver allows to an attacker, that has a valid username/password to login in his web panel, to execute malicious inputs. This could allow to an attacker to reset victim's password and in some scenarios getting a system shell. CVE CVE-2017-8114 Details...

6.5CVSS8.6AI score0.03471EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2017/04/29 7:59 p.m.22 views

CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS7.3AI score0.03471EPSS
Exploits1References8
OSV
OSV
added 2017/04/29 7:59 p.m.2 views

DEBIAN-CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS7AI score0.03471EPSS
Exploits1References1
OSV
OSV
added 2017/04/29 7:59 p.m.4 views

ALPINE-CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS7AI score0.03471EPSS
Exploits1References1
OSV
OSV
added 2017/04/29 7:59 p.m.18 views

UBUNTU-CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS5.9AI score0.03471EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2017/04/29 12:0 a.m.5 views

PT-2017-18124

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions prior to 1.0.11 Roundcube Webmail versions 1.1.x before 1.1.9 Roundcube Webmail versions 1.2.x before 1.2.5 Description The issue allows arbitrary password resets by authenticated users due to an improperly restricte...

9.8CVSS7AI score0.84456EPSS
Exploits13References42
CNVD
CNVD
added 2017/02/14 12:0 a.m.5 views

Roundcube Password Plugin Code Execution Vulnerability

Roundcube is a browser-based IMAP client that supports address book management, message searching, spell checking and more. A security vulnerability exists in the DBMail driver for Roundcube's Password plugin. A remote attacker can exploit the vulnerability to submit special shell metacharacters ...

9CVSS7.5AI score0.04714EPSS
Exploits1References1
CNVD
CNVD
added 2017/02/14 12:0 a.m.6 views

Roundcube Password Plugin Buffer Overflow Vulnerability

Roundcube is a browser-based IMAP client that supports address book management, message searching, spell checking and more. A buffer overflow vulnerability exists in the DBMail driver for Roundcube's Password plugin. A remote attacker could exploit the vulnerability to submit a special request th...

8.8CVSS7.3AI score0.02867EPSS
Exploits1References1
Prion
Prion
added 2017/01/30 10:59 p.m.24 views

Default credentials

The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...

9CVSS8.2AI score0.04714EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/01/30 10:59 p.m.6 views

DEBIAN-CVE-2015-2180

The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...

8.8CVSS8.6AI score0.04714EPSS
Exploits1References1
Rows per page
Query Builder