www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.
Recent assessments:
jrobles-r7 at May 09, 2019 5:57pm UTC reported:
The /admin/managetracing/search/search endpoint in MailCleaner Community Edition allows an authenticated user to inject operating system commands.
Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 2