EUVD-2023-56832

Malicious code in bioql PyPI...

EUVD-2023-53528

Malicious code in bioql PyPI...

go-mail 参数注入漏洞

go-mail is a Golang library with mail sending functionality by the individual developer Winni Neessen. A parameter injection vulnerability exists in go-mail version 0.7.0 and earlier, which stems from mishandling of the mail.Address value, which can lead to incorrect address routing or ESMTP...

CVE-2024-55064

Multiple cross-site scripting XSS vulnerabilities in EasyVirt DC NetScope = 8.6.4 allow remote attackers to inject arbitrary JavaScript or HTML code via the 1 smtpserver, 2 smtpaccount, 3 smtppassword, or 4 emailrecipients parameter to /smtp/update; the 5 ntp or 6 dns parameter to...

CVE-2023-49575

A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /setupsmtp in smtpserver, smtpuser, smtppassword an...

CVE-2023-49575

CVE-2023-49575 affects VX Search Enterprise (v10.2.14) and related Flexense products (Sync Breeze Enterprise Server 10.4.18, Disk Pulse Enterprise 10.4.18). A persistent XSS vulnerability exists via the /setup_smtp API endpoints, specifically in smtp_server, smtp_user, smtp_password, and smtp_ema...