37 matches found
EUVD-2018-19482
Malware in sbrugna...
EUVD-2024-51105
Malicious code in bioql PyPI...
EUVD-2023-57397
Malicious code in bioql PyPI...
CVE-2023-5054
The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attacker...
CVE-2024-12785
A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sendmail.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...
CVE-2024-12785
The CVE-2024-12785 vulnerability affects itsourcecode Vehicle Management System 1.0, specifically the sendmail.php file. The issue arises from unsafely handling the id (or idcabs) parameter, enabling SQL injection. Exploitation appears to be remote and has been publicly disclosed. Multiple connec...
CVE-2024-12785 itsourcecode Vehicle Management System sendmail.php sql injection
A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sendmail.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...
Parameter Injection
zend-mail is vulnerable to Parameter Injection. The vulnerability is due to unsanitized additional quote characters within an address in the file Sendmail.php, which allows an attacker to inject arbitrary parameters to the system sendmail program...
CVE-2023-5054 Super Store Finder <= 6.9.3 - Unauthenticated Email Creation/Sending
The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attacker...
PT-2023-31583 · WordPress · Super Store Finder
Name of the Vulnerable Software and Affected Versions: Super Store Finder plugin for WordPress versions up to, and including, 6.9.3. Description: The issue is related to insufficient restrictions on the sendMail.php file, allowing direct access and enabling unauthenticated attackers to send emails...
CVE-2016-10997
The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php...
dair-media.net XSS vulnerability
Open Bug Bounty ID: OBB-665195. Affected Website: dair-media.net. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
els-productions.com.au XSS vulnerability
Open Bug Bounty ID: OBB-642884. Affected Website: els-productions.com.au. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
esicia.co.rw XSS vulnerability
Open Bug Bounty ID: OBB-640352. Affected Website: esicia.co.rw. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
CVE-2018-7770
The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address...
Design/Logic Flaw
The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address...
CVE-2018-7770
CVE-2018-7770 affects Schneider Electric U.motion Builder; the vulnerability exists in processing of sendmail.php, allowing an attacker to select arbitrary files to send to any email address. Affected are U.motion Builder versions prior to v1.3.4. Impact is information disclosure via path travers...