43 matches found
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
EUVD-2026-14521
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852 MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852 MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
PT-2026-27181
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
MailEnable 跨站脚本漏洞
MailEnable is a Windows-based business email server. A cross-site scripting vulnerability exists in the MailEnable StartDate parameter, which stems from improper cleanup of the StartDate parameter in the FreeBusy.aspx form in the Webmail interface, and can be exploited by an attacker to execute...
EUVD-2021-21310
Malware in sbrugna...
EUVD-2022-37855
Malicious code in bioql PyPI...
EUVD-2022-37853
Malicious code in bioql PyPI...
EUVD-2022-37848
Malicious code in bioql PyPI...
CVE-2022-34953
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php...
CVE-2022-34946
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php...
CVE-2023-48893
SLiMS aka SENAYAN Library Management System through 9.6.1 allows admin/modules/reporting/customs/staffact.php SQL Injection via startDate or untilDate...
Stracker SQL注入漏洞
Stracker is an application by visegripped individual developers. Stracker suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulation of the parameters symbol/startDate/endDate can lead to sql injection...
Pharmacy Management System getsalereport.php SQL Injection Vulnerability
Pharmacy Management System MPMS is a multi-lingual pharmacy management system by Mayuri K. Personal developer. version v1.0 of Pharmacy Management System is vulnerable to SQL injection, which stems from the startDate parameter in getsalereport.php parameter in getsalereport.php lacks validation f...
Pharmacy Management System getOrderReport.php SQL Injection Vulnerability
Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from the getOrderReport.php startDate parameter in getOrderReport.php lacks validation for extern...
CVE-2022-34945
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php...
CVE-2022-34945
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php...