124 matches found
PT-2024-41036 · Stalker · Communigate Pro
Name of the Vulnerable Software and Affected Versions: CommuniGate Pro affected versions not specified Description: The issue is related to a buffer overflow on the stack in the CommuniGate Pro mail server. Exploitation of this issue may allow a remote attacker to execute arbitrary code...
CVE-2018-18621
CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...
CVE-2018-18621
CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...
Design/Logic Flaw
CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...
CVE-2018-18621
CVE-2018-18621 affects CommuniGate Pro 6.2 via a stored XSS in Pronto! Mail Composer. The vulnerability occurs when the raw email link (in .txt format) is modified and renamed with a .html or .wssp extension, and the malformed message body is mishandled by /MIME/INBOX-MM-1/. Documented impact is ...
CVE-2018-18621
CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link in .txt format is modified and then renamed with a .html or .wssp extension...
CommuniGatePro Detection Consolidation
Consolidation of CommuniGate Pro detections. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CommuniGate Pro Detection (SMTP)
Detection of CommuniGate Pro. This script performs SMTP based detection of CommuniGate Pro. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CommuniGate Pro Detection (IMAP)
Detection of CommuniGate Pro. This script performs IMAP based detection of CommuniGate Pro. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CommuniGate Pro Detection (HTTP)
Detection of CommuniGate Pro. The script sends a connection request to the server and attempts to detect CommuniGate Pro and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
Stalker CommuniGate Pro Label Validation Vulnerability
Stalker CommuniGate Pro CGP is a comprehensive mail transfer agent MTA developed by Stalker Software, Inc. that supports multiple platforms. A security vulnerability in the implementation of the 'XML Interface to Messaging, Scheduling, and Signaling' XIMSS protocol in Stalker CGP version 6.2 stem...
CVE-2018-3815
The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...
Input validation
The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...
CVE-2018-3815
The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...
CVE-2018-3815
CVE-2018-3815 concerns CommuniGate Pro (CGP) 6.2 where the XML Interface to Messaging, Scheduling, and Signaling (XIMSS) protocol lacks validation, enabling email spoofing. An authenticated attacker can send a message from any source address by issuing an HTTP POST to the /Session URI and interch...
CVE-2018-3815
The "XML Interface to Messaging, Scheduling, and Signaling" XIMSS protocol implementation in CommuniGate Pro CGP 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email...
CommuniGate Pro WebMail Crystal, pronto and pronto4 component cross-site scripting vulnerability
CommuniGate Pro is a comprehensive Mail Transfer Agent MTA developed by CommuniGate, Inc. that supports multiple platforms.WebMail Crystal, pronto and pronto4 are among the components used in it. A cross-site scripting vulnerability exists in the WebMail Crystal, pronto and pronto4 components of...
Cross site scripting
The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...
CVE-2017-16962
The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...
CVE-2017-16962
The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...