Morteza Maleki

5 exploits Active since Nov 2025
CVE-2025-61084 WRITEUP HIGH WRITEUP
MDaemon Mail Server 23.5.2 - Info Disclosure
MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets (<>) in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing even when anti-spoofing protections are in place. NOTE: this is disputed by the Supplier because UI spoofing occurs in a client, not in a server such as MDaemon's product or any other server implementation. Also, if a client without its own spoofing protection must be used, the Header Screening feature in MDaemon's product can be employed to mitigate the client-side vulnerability.
CVSS 7.1
CVE-2025-66823 WRITEUP MEDIUM WRITEUP
TrueConf Server 5.5.2.10813 - HTML Injection
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page ([conference url]/info).
CVSS 5.4
CVE-2025-66824 WRITEUP HIGH WRITEUP
TrueConf Server v5.5.2.10813 - XSS
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meeting_room parameter and executed when users visit the Conference Info page, allowing attackers to achieve full Account Takeover (ATO). This issue is caused by improper sanitization of user-supplied input in the meeting_room field.
CVSS 8.7
CVE-2025-66834 WRITEUP HIGH WRITEUP
TrueConf Server <5.5.2.10813 - Formula Injection
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name.
CVSS 7.3
CVE-2025-66835 WRITEUP HIGH WRITEUP
TrueConf Client 8.5.2 - Code Injection
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context.
CVSS 7.1