59 matches found
EUVD-2013-4171
Malware in sbrugna...
EUVD-2025-11866
Malicious code in bioql PyPI...
EUVD-2023-33972
Malicious code in bioql PyPI...
XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as whi...
CVE-2025-49583 XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
XWiki is a generic wiki platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can ...
CVE-2025-31118
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature viewtopic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...
CVE-2025-31118
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature viewtopic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...
CVE-2025-31118 NamelessMC Has Forum Reply Submission Time Limit Bypass
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature viewtopic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...
CVE-2025-31118
CVE-2025-31118 (NamelessMC) affects NamelessMC up to version 2.1.4. The forum quick reply feature (view_topic.php) lacks spam prevention, allowing authenticated users to post replies without time restrictions, causing a surge that can disrupt operations. A fix is available in version 2.2.0. Remed...
CVE-2025-31118 NamelessMC Has Forum Reply Submission Time Limit Bypass
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature viewtopic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...
PT-2025-17311 · Unknown · Namelessmc
Name of the Vulnerable Software and Affected Versions: NamelessMC versions 2.1.4 and prior Description: The issue concerns the forum quick reply feature, specifically the view topic.php endpoint, which lacks a spam prevention mechanism. This allows authenticated users to post replies continuously...
PT-2025-22513 · Sangoma +1 · Asterisk +2
Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.26.2 Asterisk versions prior to 20.14.1 Asterisk versions prior to 21.9.1 Asterisk versions prior to 22.4.1 certified-asterisk versions prior to 18.9-cert14 certified-asterisk versions prior to 20.7-cert5...
CVE-2024-53860 Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler
sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...
Upgraded Q -> 2 from #175 [1699029356616]
Judge has assessed an item in Issue 175 as 2 risk. The relevant finding follows: L-02 Initial values for GovernorSettings are very low ODGovernor is a OZ Governor with some plugins. It sets up its parameters in the constructor: ODGovernor::constructor: File: src/contracts/gov/ODGovernor.sol 41:...
CVE-2022-1614
The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based anti-spamming restrictions...
GHSA-6VFG-8PPV-H5HG MediaWiki Incorrect Access Control vulnerability
MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...
How to Avoid Spam—Using Disposable Contact Information
The next time you sign up for a coupon code or retail promotion, use these apps to avoid spam text and email messages...
Tech Support Scam Uses Child Porn Warning
A new email scam is making the rounds, warning recipients that someone using their Internet address has been caught viewing child pornography. The message claims to have been sent from Microsoft Support, and says the recipient's Windows license will be suspended unless they call an "MS Support"...
Captcha doesn't work for page preview comment
Steps to reproduce: go to Configuration - Spam Prevention turn on Captcha for everyone create a page with image click the image to preview try to make a comment on the image Expected: User needs to enter the captcha to submit the comment Actual: User can submit the comment without entering the...
Captcha not checked for page creation
Steps to reproduce: Turn on Captcha from Configuration - Spam Prevention Select "No one everyone will see captchas" and save Create a page should see the captcha Publish the page without entering the captcha Expected: Publish is not allowed Actual: Page is published...