63 matches found
CVE-2026-45716
Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...
CVE-2026-6235 Sendmachine for WordPress <= 1.0.20 - Unauthenticated SMTP Hijack to Privilege Escalation via manage_admin_requests
The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manageadminrequests' function in all versions up to, and including, 1.0.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
WordPress plugin Sendmachine for WordPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2018-25229 BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash ...
CVE-2018-25229 BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash ...
F5 Networks BIG-IP : BIG-IP SMTP configuration security exposure (K000156643)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000156643 advisory. An authenticated attacker granted the guest role on a BIG-IP system can modify theSMTP Server Host...
CVE-2021-47830
GetSimple CMS My SMTP Contact Plugin 1.1.1 is affected by a CSRF vulnerability. An attacker can lure an authenticated administrator to a malicious page to modify SMTP configuration settings, potentially enabling unauthorized changes. The vulnerability is CSRF with no direct remote code execution ...
GetSimple CMS Cross-Site Request Forgery Vulnerability
GetSimple CMS is an open-source content management system developed by GetSimple CMS. Version 1.1.1 of GetSimple CMS contains a cross-site request forgeing vulnerability. This vulnerability stems from cross-site request forgery attacks, which may allow unauthorized changes to SMTP configuration...
EUVD-2021-14883
Malware in sbrugna...
EUVD-2017-9245
Malware in sbrugna...
EUVD-2020-15833
Malware in sbrugna...
EUVD-2021-14879
Malware in sbrugna...
EUVD-2020-10595
Malware in sbrugna...
EUVD-2012-4530
Malware in sbrugna...
EUVD-2023-3163
Malicious code in bioql PyPI...
EUVD-2023-49994
Malicious code in bioql PyPI...
EUVD-2021-28604
Malicious code in bioql PyPI...
CVE-2021-41590
In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify th...
CVE-2020-23079
SSRF vulnerability in Halo =1.3.2 exists in the SMTP configuration, which can detect the server intranet...
Carlo Gavazzi Energy Meters Login Brute Force, Extract Info And Dump Plant Database
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database', 'Description' = % This module scans for Carlo Gavazzi...