Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-18313

Malware in sbrugna...

8.8CVSS8.8AI score0.02401EPSS
Exploits5References6
Prion
Prion
added 2018/06/20 2:29 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...

6.8CVSS9AI score0.02401EPSS
Exploits5References4Affected Software1
NVD
NVD
added 2018/06/20 2:29 p.m.14 views

CVE-2018-6563

Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...

8.8CVSS9AI score0.02401EPSS
Exploits5References4
CVE
CVE
added 2018/06/20 2:0 p.m.60 views

CVE-2018-6563

The CVE-2018-6563 entry describes a CSRF vulnerability in totemomail Encryption Gateway prior to 6.0.0_Build_371, caused by missing anti-CSRF tokens. This allows remote attackers to hijack user authentication for requests that change settings, send emails, or modify contact information. Affected ...

8.8CVSS8.9AI score0.02401EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2018/06/20 2:0 p.m.22 views

CVE-2018-6563

Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...

9.1AI score0.02401EPSS
Exploits5References4
CNVD
CNVD
added 2018/06/07 12:0 a.m.2 views

totemomail Encryption Gateway Cross-Site Request Forgery Vulnerability

totemomail Encryption Gateway is a gateway for email encryption. A cross-site request forgery vulnerability exists in versions prior to totemomail Encryption Gateway 6.0.0Build371. A remote attacker can exploit this vulnerability to change user settings, send emails, or change contact information...

8.8CVSS8.7AI score0.02401EPSS
Exploits5References1
NVD
NVD
added 2018/05/18 8:29 p.m.20 views

CVE-2018-6562

totemomail Encryption Gateway before 6.0b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack...

7.5CVSS7.3AI score0.00736EPSS
Exploits1References3
CVE
CVE
added 2018/05/18 8:0 p.m.37 views

CVE-2018-6562

The CVE-2018-6562 entry concerns totemomail Encryption Gateway prior to 6.0_b567, where a JSONP hijacking vulnerability allows remote attackers to obtain sensitive information about user sessions and encryption key material. Public sources describe this as a remote, web-facing information-disclos...

7.5CVSS7.2AI score0.00736EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/05/18 8:0 p.m.23 views

CVE-2018-6562

totemomail Encryption Gateway before 6.0b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack...

7.3AI score0.00736EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2018/05/16 12:0 a.m.61 views

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy communication partners or with those who have neither an appropriate...

8.8CVSS8.8AI score0.02401EPSS
Exploits5
0day.today
0day.today
added 2018/05/16 12:0 a.m.61 views

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy communication partners or...

0.1AI score0.02401EPSS
Exploits5
exploitpack
exploitpack
added 2018/05/16 12:0 a.m.49 views

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy...

6.8CVSS0.02401EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/05/15 12:0 a.m.91 views

Totemomail Encryption Gateway 6.0.0_Build_371 JSONP Hijacking

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: totemomail Encryption Gateway Vendor: totemo AG CSNC ID: CSNC-2018-002 CVE ID: CVE-2018-6562 Subject: JSONP hijacking Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 14.05.2018...

0.00736EPSS
Exploits1
Packet Storm
Packet Storm
added 2018/05/15 12:0 a.m.71 views

Totemomail Encryption Gateway 6.0.0_Build_371 Cross Site Request Forgery

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: totemomail Encryption Gateway Vendor: totemo AG CSNC ID: CSNC-2018-003 CVE ID: CVE-2018-6563 Subject: Cross-Site Request Forgery Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 14.05.20...

0.4AI score0.02401EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/04/25 12:0 a.m.43 views

Totemomail 4.x/5.x - Persistent Cross-Site Scripting

Document Title: =============== Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1769 Release Date: ============= 2016-04-08 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/04/25 12:0 a.m.49 views

Totemomail 4.x / 5.x - Persistent Cross-Site Scripting

Exploit for jsp platform in category web applications Document Title: =============== Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability Product & Service Introduction: =============================== totemomail® Encryption Gateway protects your email communication with customers a...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2016/04/07 12:0 a.m.40 views

Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability

Document Title: =============== Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1769 Release Date: ============= 2016-04-07 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Rows per page
Query Builder