Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2020-23238

Disclosure Date: July 26, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2014-2080

Disclosure Date: March 01, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter.
0
0
Attacker Value
Unknown

CVE-2011-3201

Disclosure Date: March 08, 2013 (last updated October 05, 2023)
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
0
0
Attacker Value
Unknown

CVE-2010-4883

Disclosure Date: October 07, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.
0
0
Attacker Value
Unknown

CVE-2009-1631

Disclosure Date: May 14, 2009 (last updated October 04, 2023)
The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.
0
0