CVE-2023-26432
When adding an external mail account, processing of SMTP “capabilities” responses is not limited to plausible sizes. An attacker with access to a rogue SMTP service…
IPv4-mapped IPv6 addresses were not recognized as “local” by the code, and a connection attempt was made. Attackers with access to user accounts could…
Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported…
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other users could be read even…
Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set…
WP Sticky Social 1.0.1 – Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS). Read more for technical details about the exploit. Source: Exploit-DB.com RSS Feed
Super Socializer 7.13.52 – Reflected XSS. Read more for technical details about the exploit. Source: Exploit-DB.com RSS Feed
Nokia ASIKA 7.13.52 – Hard-coded private key disclosure. Read more for technical details about the exploit. Source: Exploit-DB.com RSS Feed
SPIP v4.2.1 – Remote Code Execution (Unauthenticated). Read more for technical details about the exploit. Source: Exploit-DB.com RSS Feed