10 matches found

CVE
added 2026/05/11 8:37 p.m., 3 views

CVE-2026-43880

CVE-2026-43880 involves WWBN AVideo’s endpoint objects/sendEmail.json.php, where unauthenticated calls can send emails using the site’s SMTP and the site’s From/Reply-To identity. When contactForm is omitted, an attacker-supplied email becomes the recipient, while the message From/Reply-To uses t...

CVSS 5.3, AI score 5.9, EPSS 0.00071
Exploits 0, References 2
Vulnrichment
added 2026/05/11 8:37 p.m., 6 views

CVE-2026-43880 WWBN AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Allows Phishing from Site's Legitimate From Address

WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated...

CVSS 5.3, AI score 5.9, EPSS 0.00071
Exploits 0, References 2
Github Security Blog
added 2026/05/05 9:56 p.m., 2 views

AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address

Summary: objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated callers, uses the site's own contact email as the message From:/Reply-To:. The...

CVSS 5.3, AI score 5.9, EPSS 0.00071
Exploits 0, References 4, Affected Software 1
Positive Technologies
added 2026/05/05 12:00 a.m., 3 views

PT-2026-37296

Name of the Vulnerable Software and Affected Versions: AVideo versions prior to 29.0. Description: An issue exists in the 'objects/sendEmail.json.php' endpoint where the absence of the contactForm parameter allows unauthenticated users to send emails to arbitrary recipients. When this parameter is...

CVSS 5.3, AI score 5.9, EPSS 0.00071
Exploits 0, References 6
Packet Storm News
added 2025/04/18 12:00 a.m., 2 views

Scoring Azure Permissions with Metric Spaces

In this work, we introduce two complementary metrics for quantifying and scoring privilege risk in Microsoft Azure. In the Control Plane, we define the WAR distance, a superincreasing distance over Write, Action, and Read control permissions, which yields a total ordering of principals by their...

AI score 7
Exploits 0
OSV
added 2018/07/19 7:29 p.m., 0 views

CVE-2018-10620

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for cod...

CVSS 9.8, AI score 6.2
Exploits 0, References 4
OSV
added 2014/10/13 10:55 a.m., 6 views

CVE-2014-8086

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag...

CVSS 4.7, AI score 5.3
Exploits 0, References 23
OSV
added 2014/10/13 12:00 a.m., 0 views

UBUNTU-CVE-2014-8086

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag...

CVSS 4.7, AI score 6.6, EPSS 0.00036
Exploits 1, References 5
Prion
added 2008/01/04 11:46 a.m., 7 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the...

CVSS 4.3, AI score 6.1, EPSS 0.00351
Exploits 1, References 5, Affected Software 1
Cvelist
added 2008/01/04 11:00 a.m., 16 views

CVE-2007-6659

Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the...

AI score 5.8, EPSS 0.00351
Exploits 1, References 5