CVE-2021-44777

Cross-Site Request Forgery CSRF vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin versions = 5.2.6...

CVE-2020-12618

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...

Code injection

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...

CVE-2017-14511

An issue was discovered in SAP E-Recruiting aka ERECRUIT 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers can register and...

Weblate: Running 2 accounts with a single email #3

Following the fixes: 241608 & 224072. there's still another way round this. Reproduction Steps 1. Register 2 accounts Preferably using Gmail not third party - Login both accounts on separate browsers - In Browser1, navigate to https://demo.weblate.org/accounts/profile/auth - Add a new association...

Weblate: Running 2 accounts with a single email

Hi, While testing, I found a logic flaw which made me to make two accounts with a single email Reproduction Steps - You need 3 emails Gmail to be precise - Register 2 accounts with 2 different emails - On account 1, add a new email 3rd email using the Google Auth - Then delete the previous email ...