15 matches found
CVE-2026-22601
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
CVE-2026-22601
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
CVE-2026-22601 OpenProject is Vulnerable to Code Execution in E-Mail function
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
CVE-2026-22601
OpenProject CVE-2026-22601 affects OpenProject 16.6.1 and earlier. A registered administrator can trigger arbitrary command execution by configuring the sendmail binary path and sending a test email, exploiting the email functionality. Root cause: insecure handling of the sendmail binary path in ...
EUVD-2026-1886
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
CVE-2026-22601 OpenProject is Vulnerable to Code Execution in E-Mail function
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
CVE-2026-22601 OpenProject is Vulnerable to Code Execution in E-Mail function
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
PT-2026-2221
Name of the Vulnerable Software and Affected Versions OpenProject versions 16.6.1 and below Description OpenProject is a web-based project management software. A registered administrator can execute arbitrary commands by configuring the sendmail binary path and sending a test email. The issue...
OpenProject 命令注入漏洞
OpenProject is a Web-based project management software from OpenProject open source. A command injection vulnerability exists in OpenProject 16.6.1 and earlier versions that originates from a registered administrator being able to execute arbitrary commands by configuring the sendmail binary path...
Exploit for Code Injection in Orangehrm
OrangeHRM RCE Exploit - CVE-2025-66224 📋 Description This...
EUVD-2020-5129
Malware in sbrugna...
CVE-2021-40643
EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page by default/usr/sbin/sendmail it is possible to execute any command, which will be executed when we make...
ZZCMS SQL注入漏洞
ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS 2019 version, which can be exploited by an attacker to perform a SQL injection attack via the id parameter in /admin/ztliuyansendmail.php...
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname...
Code injection
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname...