33 matches found
EUVD-2019-9117
Malware in sbrugna...
EUVD-2019-5047
Malware in sbrugna...
EUVD-2025-14281
Malicious code in bioql PyPI...
June “In the Trend of VM” (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver
June "In the Trend of VM" 16: vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver. A traditional monthly vulnerability roundup. Post on Habr rus Digest on the PT website rus A total of 7 trending vulnerabilities: Elevation of...
About Cross Site Scripting – MDaemon Email Server (CVE-2024-11182)
About Cross Site Scripting - MDaemon Email Server CVE-2024-11182. An attacker can send an HTML-formatted email containing malicious JavaScript code embedded in an img tag. If the user opens the email in the MDaemon Email Server's web interface, the malicious JavaScript code will execute in the...
CVE-2024-11182
An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...
MDaemon Email Server Installed (Windows)
Binary data mdaemonemailserverwininstalled.nbin...
CVE-2019-19497
MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message...
CVE-2019-13612
MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB and limits checks to 10 MB even with special configuration, which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious...
MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability
MDaemon Email Server contains a cross-site scripting XSS vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message...
VulnCheck KEV: CVE-2024-11182
MDaemon Email Server contains a cross-site scripting XSS vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message...
CVE-2025-3929
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...
CVE-2025-3929
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...
CVE-2025-3929
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...
CVE-2025-3929
CVE-2025-3929 concerns the MDaemon Email Server (versions 25.0.1 and below). The issue is a stored XSS vulnerability where an attacker can send a specially crafted HTML email containing JavaScript in an img tag. When viewed in a webmail client, this could execute arbitrary JavaScript in the user’...
CVE-2025-3929 Stored XSS vulnerability in MDaemon Email Server
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...
CVE-2025-3929 Stored XSS vulnerability in MDaemon Email Server
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...
PT-2025-18143 · Unknown · Mdaemon Email Server
Name of the Vulnerable Software and Affected Versions: MDaemon Email Server versions 25.0.1 and below Description: A Stored Cross-Site Scripting XSS issue was discovered, allowing a remote attacker to send a specially crafted HTML e-mail message with JavaScript in an img tag. This could enable th...
MDaemon Email Server 安全漏洞
MDaemon Email Server is an email server from MDaemon, Inc. A security vulnerability exists in MDaemon Email Server 25.0.1 and earlier versions, which originates from JavaScript code in specially crafted HTML emails and could lead to a cross-site scripting attack...
VulnCheck KEV: CVE-2025-3929
An XSS issue was discovered in MDaemon Email Server version 25.0.1 and below. An attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window, and...