CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters...

5CVSS7.3AI score0.05464EPSS

Exploits1References1

Prion•added 2007/10/01 8:17 p.m.•12 views

Code injection

Unspecified vulnerability in the embedded service processor SP before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager ELOM allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy...

5CVSS7AI score0.00658EPSS

Exploits0References8

NVD•added 2007/10/01 8:17 p.m.•12 views

CVE-2007-5170

5CVSS6.6AI score0.00658EPSS

Exploits0References8

Cvelist•added 2007/10/01 8:0 p.m.•16 views

CVE-2007-5170

6.6AI score0.00658EPSS

Exploits0References8

CVE•added 2007/10/01 8:0 p.m.•38 views

CVE-2007-5170

Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) before firmware 3.09 contain an unspecified vulnerability that allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy. The description is explicit but does not provide exploit vectors, affected compo...

5CVSS6.7AI score0.00658EPSS

Exploits0References8Affected Software1

Tenable Nessus•added 2006/10/14 12:0 a.m.•20 views

Debian DSA-1007-1 : drupal - several vulnerabilities

The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1225 Due to missing input sanitising a remote attacker could inject...

5.1CVSS5.7AI score0.02167EPSS

Exploits0References9

NVD•added 2006/03/14 7:6 p.m.•23 views

CVE-2006-1225

CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy...

5CVSS6.6AI score0.01075EPSS

Exploits0References9

Prion•added 2006/03/14 7:6 p.m.•12 views

Crlf injection

CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy...

5CVSS6.9AI score0.01075EPSS

Exploits0References9Affected Software1

UbuntuCve•added 2006/03/14 7:6 p.m.•23 views

CVE-2006-1225

CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy...

5CVSS6AI score0.01075EPSS

Exploits0References1

CVE•added 2006/03/14 7:0 p.m.•59 views

CVE-2006-1225

CVE-2006-1225 is a CRLF-injection vulnerability in Drupal (4.5.x up to 4.5.7/4.6.x up to 4.5.7) that allows a remote attacker to inject headers into outgoing e‑mails and use Drupal as a spam proxy due to missing input sanitising. Debian DSA-1007-1 notes fixes in Drupal 4.5.3-6 (and 4.5.8-1 for si...

5CVSS6.6AI score0.01075EPSS

Exploits0References9Affected Software1

Prion•added 2006/02/10 11:2 a.m.•13 views

Crlf injection

CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to use mailback as a "spam proxy" by modifying mail headers, including recipient e-mail addresses, via newline characters in the Subject field...

5CVSS7.4AI score0.00704EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by