14 matches found
CVE-2018-25309
CVE-2018-25309 affects MyBB 17.0 Recent Threads. It is a persistent XSS in the thread subject that lets attackers inject scripts to execute in the browsers of users viewing the index page. The root cause is crafted subject lines containing script tags, enabling arbitrary JavaScript execution in a...
SEPPmail Secure Email Gateway Security Vulnerability
SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the ability of attackers to create password tags that...
EUVD-2003-0956
Malware in sbrugna...
EUVD-2025-12591
Malicious code in bioql PyPI...
GNU Mailman OS Command Injection Vulnerability
GNU Mailman is a mailing list management software commonly used to create, manage and maintain mailing lists. A command injection vulnerability exists in GNU Mailman. The vulnerability stems from a failure to properly filter shell metacharacters in the subject line of an email message. An attacke...
MuWire Cross-Site Scripting Vulnerability
MuWire is an open source file publishing and networking tool that uses I2P technology to protect the identity of its users. A security vulnerability in the desktop client prior to MuWire version 0.8.8 could be exploited by an attacker to send a message with a subject line containing a URL tagged...
CVE-2017-9801
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers...
Phorum 3.4 Email Subject Line Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7262/info It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line or other fields before sending an email to the...
ovidentiaXSS.txt
Ovidentia is a project which allows you to publish with extreme ease and very fast an intranet, extranet or internet portal with the classic functions of a Content Management System CMS. Its website is at http://www.ovidentia.org Ovidentia suffers from a vulnerability which allows you to embed XS...
CVE-2003-0966
Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line...
Phorum 3.4 - Email Subject Line Script Injection
source: https://www.securityfocus.com/bid/7262/info It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line or other fields before sending an email to the target victim. "alert"Vulnerable";...
CVE-1999-1553
CVE-1999-1553 concerns XCmail 0.99.6 with autoquote enabled. The vulnerability is a buffer overflow triggered by a long subject line, allowing remote attackers to execute arbitrary commands. Documents explicitly state XCmail 0.99.6 and the autoquote feature as the context, with the overflow descr...
CVE-1999-1553
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line...
CVE-1999-1553
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line...