Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0806
Evolution 2.0.3 allows remote malicious users to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
Ximian Evolution 2.0.3
7.5
CVSSv3
CVE-2022-4869
A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information dis...
Evolution-events Artaxerxes
NA
CVE-2006-4678
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote malicious users to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.
Comscripts News Evolution 3.0.3
1 EDB exploit
5.4
CVSSv3
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.
Modx Evolution Cms 2.0.0
5.4
CVSSv3
CVE-2020-23238
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
Evo Evolution Cms 2.0.2
NA
CVE-2007-1002
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote malicious users to execute arbitrary code via format specifiers in the categories of ...
Evolution Shared Memo 2.8.2.1
7.3
CVSSv3
CVE-2011-3355
evolution-data-server3 3.0.3 up to and including 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the v...
Gnome Evolution-data-server3
5.2
CVSSv3
CVE-2023-43340
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
Evo Evolution Cms 3.2.3
6.1
CVSSv3
CVE-2023-43341
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected uid parameter.
Evo Evolution Cms 3.2.3
7.8
CVSSv3
CVE-2009-3721
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially ...
Gnome Evolution
Ytnef Project Ytnef
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »