Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
legalhackers.com vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums prior to 2.3.1 allows remote malicious users to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request.
Vanillaforums Vanilla
1 EDB exploit
1 Article
9.8
CVSSv3
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer prior to 5.4.5 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the ...
Swiftmailer Swiftmailer
3 EDB exploits
1 Github repository
1 Article
9.8
CVSSv3
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
87 Github repositories
9.8
CVSSv3
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
114 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started