Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52131

Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 1.99 Description The 'POST /api/v1/admin/send-test-email' endpoint allows the use of attacker-controlled smtpHost and smtpPort values to establish a raw JavaMail TCP connection. This process bypasses the...

5.1CVSS5.8AI score0.00218EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4215

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS6AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2026-12331

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS5.3AI score0.00201EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:20 p.m.3 views

CVE-2026-4215

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS0.00201EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/16 4:32 a.m.1 views

CVE-2026-4215 FlowCI flow-core-x SMTP Host ConfigServiceImpl.java save server-side request forgery

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS6.1AI score0.00201EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/16 4:32 a.m.31 views

CVE-2026-4215 FlowCI flow-core-x SMTP Host ConfigServiceImpl.java save server-side request forgery

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS0.00201EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.7 views

flow-core-x 代码问题漏洞

flow-core-x is a simple and powerful continuous integration and deployment server open source from flow.ci. Versions of flow-core-x 1.23.01 and earlier have code vulnerabilities. These vulnerabilities stem from a flaw in the Save function in the ConfigServiceImpl.java file within the SMTP Host...

6.5CVSS6.7AI score0.00201EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.9 views

PT-2026-25611

A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java of the component SMTP Host Handler. The manipulation results in server-side request forgery. The...

6.5CVSS5.3AI score0.00201EPSS
Exploits0References4
0day.today
0day.today
added 2020/06/08 12:0 a.m.99 views

VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit

Exploit for java platform in category web applications Exploit Title: VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Vendor Homepage:...

6.5CVSS8.6AI score0.211EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.476 views

VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution

Exploit Title: VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit Author: Tomas Melicher Technical Details: https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/ Date: 2020-05-24 Vendor Homepage: https://www.vmware.com/ Software Link:...

8.8CVSS8.8AI score0.211EPSS
Exploits11
0daydb
0daydb
added 2020/06/03 3:54 p.m.125 views

vCloud Director 9.7.0.15498291 CVE-2020-3956 - Remote Code Execution

CVE-2020-3956 vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability. !/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details:...

7.5CVSS0.2AI score0.88948EPSS
Exploits22
Drupal
Drupal
added 2009/05/20 12:0 a.m.9 views

SA-CONTRIB-2009-030 - Email Verification - Information disclosure / Cross Site Scripting

The Email Verification module tries to verify user email addresses by talking to the appropriate SMTP host. It also allows the administrator to access a list of not confirmed email addresses. In the Drupal 5 version, this list is only protected by the "access content" permission, hence allowing a...

6.1AI score
Exploits0References5
Rows per page
Query Builder