PT-2026-25141
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTP_CLIENT_IP or HTTP_X_FORWARDED_FOR headers to spoof their IP address and circumve...
EUVD-2022-6693
Malicious code in bioql PyPI...
CVE-2022-2877
The Titan Anti-spam & Security WordPress plugin before 7.3.1 does not properly check HTTP headers in order to validate the origin IP address, allowing threat actors to bypass its block feature by spoofing the headers...
SECURITY.NNOV: The Bat! 2.x message headers spoofing
Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...
The Bat! X-BAT-FILES
"The Bat!" by RitLabs is an extremely convenient mail agent with a lot of features for Windows platforms. One of "The Bat!" features is storing files attached to e-mail messages apart from message bodies. In this case "The Bat!" puts attached files in preconfigured folder and removes according MIME...