23 matches found
EUVD-2022-2788
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-50340
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail through 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated...
CVE-2024-50702
TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager...
CVE-2024-50702
Summary: CVE-2024-50702 affects TeamPass prior to 3.1.3.1. The vulnerability arises from improper authorization checks in the mail_me/action_mail operation, allowing an unauthorized actor to perform actions intended for administrators or managers. Documents consistently describe this as an author...
Cross-Site Request Forgery in Jenkins Mailer Plugin
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
GHSA-6G57-H38C-Q52G Cross-Site Request Forgery in Jenkins Mailer Plugin
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
CVE-2018-8718
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request...
QwikMail 0.3 HELO Command Buffer Overflow Vulnerability
No description provided by source. source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could theoretically...
Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay
No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...
Brian Dorricott MAILTO 1.0.7-9 Unauthorized Mail Server Use Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3669/info MAILTO is a program maintained by Brian Dorricott. It enables web servers to allow forms to be converted into mail messages that can be sent to numerous recipients. An issue exists in MAILTO which could allow an...
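Novell GroupWise Windows Client API Unauthorized Mail Access Vulnerability
BUGTRAQ ID: 18716 CVECAN ID: CVE-2006-3268 Novell GroupWise is a cross-platform collaboration software product. A vulnerability exists in the implementation of the Novell GroupWise client API; an attacker may exploit it to bypass security restrictions and access certain unauthorized mail. Novell Groupwise 7.x Novell Groupwise 6.x Novell Groupwise 5.x Vendor patch: Novell ------ The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: GroupWise 6.5: Apply SP6 Client Update 1...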
Symantec Mail Security for Domino Arbitrary Mail Relay
Symantec Mail Security for Domino, which provides antispam and anti-virus protection for Lotus Domino, is installed on the remote Windows host. The Premium Antispam feature included with the version of Symantec Mail Security for Domino on the remote host reportedly fails to recognize and reject ...
Postfix mail server IPv6 configuration unauthorized mail relaying
In specific configurations, for example if run in a chroot environment on an IPv6 network, message relaying is not limited, allowing the relay to be used for sending spam...
QwikMail 0.3 - HELO Buffer Overflow (PoC)
QwikMail 0.3 - HELO Buffer Overflow PoC source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could...
QwikMail 0.3 - 'HELO' Buffer Overflow (PoC)
source: www.securityfocus.com/bid/11989/info QwikMail qwik-smtpd is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data. This issue could theoretically be exploited to execute arbitrary...
SCSA021.txt
====================================================================== Security Corporation Security Advisory SCSA-021 Anonymous Mail Forwarding Vulnerabilities in vbPortal ====================================================================== PROGRAM: vbPortal HOMEPAGE: http://www.vbportal.com...