Search Results | AttackerKB

Show filters

Topics 15 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

15 Total Results

Displaying 11-15 of 15

Attacker Value

Unknown

CVE-2023-0470

Disclosure Date: January 26, 2023 (last updated February 24, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-0438

Disclosure Date: January 23, 2023 (last updated February 24, 2025)

Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-0406

Disclosure Date: January 19, 2023 (last updated February 24, 2025)

Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-0398

Disclosure Date: January 19, 2023 (last updated February 24, 2025)

Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2019-19702

Disclosure Date: December 10, 2019 (last updated November 27, 2024)

The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this to perform a denial of service against the DMARC reporting functionality, such as by referencing the /dev/random file within XML documents that are emailed to the address in the rua field of the DMARC records of a domain.

Attack Vector: Network Privileges: None User Interaction: None

0