WordPress Custom New User Notification plugin <= 1.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'User Mail Subject' Setting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'User Mail Subject' Setting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Custom New User Notification versions = 1.2.0...

EUVD-2019-20123

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

CVE-2019-25704

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

CVE-2019-25704 Kados R10 GreenBee SQL Injection via filter_user_mail

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

CVE-2019-25704

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

CVE-2019-25704 Kados R10 GreenBee SQL Injection via filter_user_mail

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

PT-2026-30504

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filter user mail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability, which stems from the injection of SQL code through the filterusermail parameter. This vulnerability may lead to SQL injection attacks...

PT-2026-7077

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

EUVD-2005-1904

Malware in sbrugna...

EUVD-1999-0983

Malware in sbrugna...

CVE-2025-59742 Multiple vulnerabilities in AndSoft's e-TMS

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'USRMAIL' parameter in'/inc/login/TRACKREQUESTFRMSQL.ASP'...

PT-2020-14088 · Gogs · Gogs

Name of the Vulnerable Software and Affected Versions: Gogs version 0.11.91 Description: The issue is related to insecure permissions in Gogs, specifically in the MakeEmailPrimary function located in models/user mail.go. This function lacks a check to ensure the user is the owner of the email,...

CVE-2018-17855

An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself...

Dotclear admin/auth.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/auth.php file in Dotclear version 2.12.1. This vulnerability can be exploited by remote attackers to inject arbitrary web...

Cross-Site Request Forgery Vulnerability in Multiple Pivotal Products

Pivotal Cloud Foundry PCF Runtime cf-release and others are products of Pivotal Software, Inc. PCF is an open source Platform-as-a-Service PaaS cloud computing platform that provides container scheduling, continuous delivery, and automated service deployment. cf-release is a release version of PC...

openSUSE Security Update : apparmor (openSUSE-2016-491)

This update for apparmor updates some profiles. It is specifically required for the Samba security update. profile updates : - sbin.syslog-ng - usr.sbin.identd - usr.sbin.nscd allows nscd paranoia mode - usr.sbin.smbd - usr.sbin.smbldap-useradd - apache2.d/phpsysinfo updated abstractions : - aspe...

SMF Mod Member Awards 1.0.2 - Blind SQL Injection Exploit

No description provided by source. ------------------------------------------------------------------------- SMF Component Member Awards Blind SQL-injection Vulnerability ------------------------------------------------------------------------- author: eLwaux thanks: mailbrush, antichat.ru,...

Joomla JE Story 1.4 SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

SMF Mod Member Awards 1.0.2 Blind SQL Injection Exploit

No description provided by source. ------------------------------------------------------------------------- SMF Component Member Awards Blind SQL-injection Vulnerability ------------------------------------------------------------------------- author: eLwaux thanks: mailbrush, antichat.ru,...