CVE-2026-3794 | doramart DoraCMS 3.0.x Email API /api/v1/mail/send improper authentication

Inserito da Angelo Barbosa | Mar 8, 2026 | CVE

A vulnerability described as critical has been identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication.

This vulnerability is referenced as CVE-2026-3794. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-3794 | doramart DoraCMS 3.0.x Email API /api/v1/mail/send improper authentication

Post correlati

CVE-2024-6997 | Google Chrome up to 126.0.6478.182 Tabs use after free

CVE-2023-42308 | code-projects Exam Form Submission 1.0 Manage Fastrack Subjects cross site scripting

CVE-2026-28561 | gVectors wpForo Forum up to 2.4.15 cross site scripting

CVE-2025-14528 | D-Link DIR-803 up to 1.04 Configuration /getcfg.php AUTHORIZED_GROUP information disclosure