Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bcc vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-5399
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote malicious users to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority...
Ibm Lotus Notes 6.0
Autonomy Keyview 10.3.0.0
Ibm Lotus Notes 7.0
Ibm Lotus Notes 7.0.3
Ibm Lotus Notes 6.5
Ibm Lotus Notes 7.0.2
6
CVSSv2
CVE-2007-0399
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.
Simple Machines Simple Machines Forum 1.1 Rc3
1 EDB exploit
5
CVSSv2
CVE-2006-3778
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail ...
Ibm Lotus Notes 6.0
Ibm Lotus Notes 7.0
Ibm Lotus Notes 6.5
5
CVSSv2
CVE-2004-2137
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote malicious users to obtain sensitive informat...
Microsoft Outlook Express 6.0
5
CVSSv2
CVE-2002-1575
cgiemail allows remote malicious users to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message.
Mit Cgiemail 1.6
5
CVSSv2
CVE-2002-1917
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote malicious users to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.
Geeklog Geeklog 1.35
Geeklog Geeklog 1.3.5 Sr1
5
CVSSv2
CVE-2002-1771
Matt Wright FormMail 1.9 and previous versions allows remote malicious users to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables.
Matt Wright Formmail 1.9
Matt Wright Formmail 1.2
Matt Wright Formmail 1.8
Matt Wright Formmail 1.1
Matt Wright Formmail 1.7
Matt Wright Formmail 1.4
Matt Wright Formmail 1.6
Matt Wright Formmail 1.3
Matt Wright Formmail 1.0
Matt Wright Formmail 1.5
5
CVSSv2
CVE-2000-0524
Microsoft Outlook and Outlook Express allow remote malicious users to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From.
Microsoft Outlook 97
Microsoft Exchange Server 4.0
Microsoft Exchange Server 5.0
4.3
CVSSv2
CVE-2021-21435
Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions.
Otrs Otrs
4.3
CVSSv2
CVE-2020-1775
BCC recipients in mails sent from OTRS are visible in article detail on external interface. This issue affects OTRS: 8.0.3 and prior versions, 7.0.17 and prior versions.
Otrs Otrs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »