Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

8 matches found

EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’5 views

EUVD-2000-1151

Malware in sbrugna...

7.5CVSS6.4AI score0.00874EPSS
Exploits0References5
CVE
CVEβ€’added 2005/07/14 4:0 a.m.β€’55 views

CVE-2001-1537

The CVE concerns TWIG webmail versions 2.7.4 and earlier where the default 'basic' security setting in config.php stores cleartext usernames and passwords in cookies. This could allow an attacker to obtain authentication information and gain privileges. The PT-2001-2622 entry reiterates the affec...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References3Affected Software1
CVE
CVEβ€’added 2002/06/25 4:0 a.m.β€’50 views

CVE-2000-1166

CVE-2000-1166 affects the Twig webmail system. The issue arises when the vhosts variable isn’t set on the site, allowing a remote attacker to inject arbitrary PHP (PHP3) code by supplying an alternate vhosts value to index.php3. Root cause: improper handling of the vhosts variable during initiali...

7.5CVSS7.4AI score0.00874EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistβ€’added 2002/06/25 4:0 a.m.β€’23 views

CVE-2000-1166

Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP PHP3 code by specifying an alternate vhosts as an argument to the index.php3 program...

7AI score0.00874EPSS
Exploits0References4
NVD
NVDβ€’added 2001/12/31 5:0 a.m.β€’18 views

CVE-2001-1537

The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges...

7.5CVSS7.7AI score0.00254EPSS
Exploits0References3
Positive Technologies
Positive Technologiesβ€’added 2001/12/31 12:0 a.m.β€’4 views

PT-2001-2622 Β· Twig Β· Twig Webmail

Name of the Vulnerable Software and Affected Versions: TWIG webmail versions 2.7.4 and earlier Description: The default "basic" security setting in config.php for TWIG webmail stores cleartext usernames and passwords in cookies. This could allow attackers to obtain authentication information and...

7.5CVSS6.3AI score0.00254EPSS
Exploits0References5
securityvulns
securityvulnsβ€’added 2001/05/29 12:0 a.m.β€’45 views

TWIG SQL query bugs

I can't find the person who really in charge on developing twig, so I mail about this bug to the person who announce new version of twig about two month ago. -------------------------------------------------------------------------- Subject: Unquoted SQL query = potential damage Software package:...

7.8AI score
Exploits0
NVD
NVDβ€’added 2001/01/09 5:0 a.m.β€’20 views

CVE-2000-1166

Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP PHP3 code by specifying an alternate vhosts as an argument to the index.php3 program...

7.5CVSS7AI score0.00874EPSS
Exploits0References4
Rows per page
Query Builder