Lucene search
+L

124 matches found

Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.26 views

PT-2024-41036 · Stalker · Communigate Pro

Name of the Vulnerable Software and Affected Versions: CommuniGate Pro affected versions not specified Description: The issue is related to a buffer overflow on the stack in the CommuniGate Pro mail server. Exploitation of this issue may allow a remote attacker to execute arbitrary code...

10CVSS8.2AI score
Exploits0References3
OSV
OSV
added 2018/10/24 10:29 p.m.6 views

CVE-2018-18621

CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...

6.1CVSS5.8AI score0.01058EPSS
Exploits1References2
NVD
NVD
added 2018/10/24 10:29 p.m.11 views

CVE-2018-18621

CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...

6.1CVSS6AI score0.01058EPSS
Exploits1References2
Prion
Prion
added 2018/10/24 10:29 p.m.11 views

Design/Logic Flaw

CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...

4.3CVSS5.9AI score0.01058EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/10/24 10:0 p.m.52 views

CVE-2018-18621

CVE-2018-18621 affects CommuniGate Pro 6.2 via a stored XSS in Pronto! Mail Composer. The vulnerability occurs when the raw email link (in .txt format) is modified and renamed with a .html or .wssp extension, and the malformed message body is mishandled by /MIME/INBOX-MM-1/. Documented impact is ...

6.1CVSS5.9AI score0.01058EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/10/24 10:0 p.m.14 views

CVE-2018-18621

CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...

6AI score0.01058EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/01/15 12:0 a.m.11 views

CommuniGatePro Detection Consolidation

Consolidation of CommuniGate Pro detections. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/01/15 12:0 a.m.13 views

CommuniGate Pro Detection (SMTP)

Detection of CommuniGate Pro. This script performs SMTP based detection of CommuniGate Pro. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/01/15 12:0 a.m.12 views

CommuniGate Pro Detection (IMAP)

Detection of CommuniGate Pro. This script performs IMAP based detection of CommuniGate Pro. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/01/15 12:0 a.m.11 views

CommuniGate Pro Detection (HTTP)

Detection of CommuniGate Pro. The script sends a connection request to the server and attempts to detect CommuniGate Pro and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

7AI score
Exploits0References1
CNVD
CNVD
added 2018/01/11 12:0 a.m.4 views

Stalker CommuniGate Pro Label Validation Vulnerability

Stalker CommuniGate Pro CGP is a comprehensive mail transfer agent MTA developed by Stalker Software, Inc. that supports multiple platforms. A security vulnerability in the implementation of the 'XML Interface to Messaging, Scheduling, and Signaling' XIMSS protocol in Stalker CGP version 6.2 stem...

5.7CVSS7AI score0.0089EPSS
Exploits2References1
OSV
OSV
added 2018/01/08 5:29 a.m.3 views

CVE-2018-3815

The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...

5.7CVSS5.8AI score0.0089EPSS
Exploits2References1
Prion
Prion
added 2018/01/08 5:29 a.m.14 views

Input validation

The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...

3.5CVSS5.5AI score0.0089EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2018/01/08 5:29 a.m.23 views

CVE-2018-3815

The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...

5.7CVSS5.5AI score0.0089EPSS
Exploits2References1
CVE
CVE
added 2018/01/08 5:0 a.m.67 views

CVE-2018-3815

CVE-2018-3815 concerns CommuniGate Pro (CGP) 6.2 where the XML Interface to Messaging, Scheduling, and Signaling (XIMSS) protocol lacks validation, enabling email spoofing. An authenticated attacker can send a message from any source address by issuing an HTTP POST to the /Session URI and interch...

5.7CVSS5.4AI score0.0089EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/01/08 5:0 a.m.24 views

CVE-2018-3815

The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...

5.5AI score0.0089EPSS
Exploits2References1
CNVD
CNVD
added 2017/11/29 12:0 a.m.4 views

CommuniGate Pro WebMail Crystal, pronto and pronto4 component cross-site scripting vulnerability

CommuniGate Pro is a comprehensive Mail Transfer Agent MTA developed by CommuniGate, Inc. that supports multiple platforms.WebMail Crystal, pronto and pronto4 are among the components used in it. A cross-site scripting vulnerability exists in the WebMail Crystal, pronto and pronto4 components of...

6.1CVSS6.4AI score0.02186EPSS
Exploits1References1
Prion
Prion
added 2017/11/27 10:29 a.m.12 views

Cross site scripting

The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...

4.3CVSS6AI score0.02186EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/11/27 10:29 a.m.16 views

CVE-2017-16962

The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...

6.1CVSS6.1AI score0.02186EPSS
Exploits1References2
OSV
OSV
added 2017/11/27 10:29 a.m.5 views

CVE-2017-16962

The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...

6.1CVSS5.8AI score0.02186EPSS
Exploits1References2
Rows per page
Query Builder