59 matches found

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2013-4171

Malware in sbrugna...

CVSS 4.3 · AI score 6.4 · EPSS 0.01031
Exploits 0 · References 6

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2025-11866

Malicious code in bioql PyPI...

CVSS 7.1 · AI score 6.5 · EPSS 0.00449
Exploits 1 · References 3

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-33972

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.3 · EPSS 0.00522
Exploits 2 · References 1

GitHub Security Blog
added 2025/06/13 8:41 p.m. · 11 views

XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right

Impact When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can be executed, though, as whi...

CVSS 5.1 · AI score 6.5 · EPSS 0.00228
Exploits 1 · References 5 · Affected Software 1

OSV
added 2025/06/13 5:4 p.m. · 6 views

CVE-2025-49583 XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right

XWiki is a generic wiki platform. When a user without script right creates a document with an XWiki.Notifications.Code.NotificationEmailRendererClass object, and later an admin edits and saves that document, the email templates in this object will be used for notifications. No malicious code can ...

CVSS 5.1 · AI score 6.8 · EPSS 0.00228
Exploits 1 · References 5

RedhatCVE
added 2025/04/25 4:19 p.m. · 10 views

CVE-2025-31118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature view_topic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...

CVSS 7.1 · AI score 6.7 · EPSS 0.00449
Exploits 1 · References 1

NVD
added 2025/04/18 4:15 p.m. · 33 views

CVE-2025-31118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature view_topic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...

CVSS 7.1 · EPSS 0.00449
Exploits 1 · References 3

Vulnrichment
added 2025/04/18 3:52 p.m. · 5 views

CVE-2025-31118 NamelessMC Has Forum Reply Submission Time Limit Bypass

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature view_topic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...

CVSS 7.1 · AI score 6.9 · EPSS 0.00449
Exploits 1 · References 3

CVE
added 2025/04/18 3:52 p.m. · 66 views

CVE-2025-31118

CVE-2025-31118 (NamelessMC) affects NamelessMC up to version 2.1.4. The forum quick reply feature (view_topic.php) lacks spam prevention, allowing authenticated users to post replies without time restrictions, causing a surge that can disrupt operations. A fix is available in version 2.2.0. Remed...

CVSS 7.1 · AI score 6.9 · EPSS 0.00449
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2025/04/18 3:52 p.m. · 34 views

CVE-2025-31118 NamelessMC Has Forum Reply Submission Time Limit Bypass

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature view_topic.php does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction,...

CVSS 7.1 · EPSS 0.00449
Exploits 1 · References 3

Positive Technologies
added 2025/04/18 12:0 a.m. · 3 views

PT-2025-17311 · Unknown · Namelessmc

Name of the Vulnerable Software and Affected Versions: NamelessMC versions 2.1.4 and prior. Description: The issue concerns the forum quick reply feature, specifically the view_topic.php endpoint, which lacks a spam prevention mechanism. This allows authenticated users to post replies continuously...

CVSS 7.1 · AI score 6.2 · EPSS 0.00449
Exploits 1 · References 11

Positive Technologies
added 2025/03/24 12:0 a.m. · 4 views

PT-2025-22513 · Sangoma +1 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.26.2; Asterisk versions prior to 20.14.1; Asterisk versions prior to 21.9.1; Asterisk versions prior to 22.4.1; certified-asterisk versions prior to 18.9-cert14; certified-asterisk versions prior to 20.7-cert5...

CVSS 7.7 · AI score 6.2 · EPSS 0.00418
Exploits 2 · References 19

OSV
added 2024/11/27 9:31 p.m. · 7 views

CVE-2024-53860 Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler

sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...

CVSS 8.6 · AI score 6.7 · EPSS 0.00451
Exploits 0 · References 4

Code423n4
added 2023/11/03 12:0 a.m. · 7 views

Upgraded Q -> 2 from #175 [1699029356616]

Judge has assessed an item in Issue 175 as 2 risk. The relevant finding follows: L-02 Initial values for GovernorSettings are very low ODGovernor is a OZ Governor with some plugins. It sets up its parameters in the constructor: ODGovernor::constructor: File: src/contracts/gov/ODGovernor.sol 41:...

AI score 7.1
Exploits 0

ATTACKERKB
added 2022/06/20 11:15 a.m. · 4 views

CVE-2022-1614

The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions...

CVSS 7.5 · AI score 7.1 · EPSS 0.01105
Exploits 2 · References 2

OSV
added 2022/05/24 4:49 p.m. · 4 views

GHSA-6VFG-8PPV-H5HG MediaWiki Incorrect Access Control vulnerability

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

CVSS 5.3 · AI score 5.6 · EPSS 0.01263
Exploits 0 · References 7

Wired Threat Level
added 2020/05/16 11:0 a.m. · 37 views

How to Avoid Spam—Using Disposable Contact Information

The next time you sign up for a coupon code or retail promotion, use these apps to avoid spam text and email messages...

AI score 1.4
Exploits 0

Krebs on Security
added 2020/05/07 2:52 p.m. · 45 views

Tech Support Scam Uses Child Porn Warning

A new email scam is making the rounds, warning recipients that someone using their Internet address has been caught viewing child pornography. The message claims to have been sent from Microsoft Support, and says the recipient's Windows license will be suspended unless they call an "MS Support"...

AI score 6.8
Exploits 0

Atlassian
added 2018/11/12 3:39 a.m. · 14 views

Captcha doesn't work for page preview comment

Steps to reproduce: go to Configuration - Spam Prevention turn on Captcha for everyone create a page with image click the image to preview try to make a comment on the image Expected: User needs to enter the captcha to submit the comment Actual: User can submit the comment without entering the...

AI score 7.1
Exploits 0 · Affected Software 1

Atlassian
added 2018/11/12 3:12 a.m. · 15 views

Captcha not checked for page creation

Steps to reproduce: Turn on Captcha from Configuration - Spam Prevention Select "No one everyone will see captchas" and save Create a page should see the captcha Publish the page without entering the captcha Expected: Publish is not allowed Actual: Page is published...

AI score 7
Exploits 0 · Affected Software 1