39 matches found
Design/Logic Flaw
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...
Cross site scripting
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the Blacklist endpoint...
Design/Logic Flaw
MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter...
Design/Logic Flaw
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter...
Cross site scripting
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the rulleslistajax endpoint...
CVE-2022-37238
CVE-2022-37238 affects MDaemon Technologies SecurityGateway for Email Servers 8.5.2. The vulnerability is a Cross Site Scripting (XSS) flaw triggered via the currentRequest parameter . Root cause described in the sources is a reflected XSS condition in the parameter handling, with a CVSSv3.1 base...
CVE-2022-37238
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...
CVE-2022-37239
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the rulleslistajax endpoint...
CVE-2022-37240
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter...
CVE-2022-37240
The CVE-2022-37240 entry concerns MDaemon Technologies SecurityGateway for Email Servers (v8.5.2) and describes an HTTP Response Splitting flaw exploitable via the format parameter. Multiple connected sources corroborate the issue and specify the affected product/version, the vulnerable component...
CVE-2022-37242
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to an HTTP Response Splitting issue that is triggered via the data parameter. The PT Security entry specifies the affected software version (8.5.2) and notes that the issue arises from HTTP response splitting related to th...
CVE-2022-37242
MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter...
CVE-2022-37243
CVE-2022-37243 affects MDaemon Technologies SecurityGateway for Email Servers 8.5.2. The issue is a Cross Site Scripting (XSS) vulnerability exploitable via the whitelist endpoint. Root cause details are not specified beyond the XSS via that endpoint. No exploit specifics or in-the-wild usage are...
CVE-2022-37243
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the whitelist endpoint...
CVE-2022-37244
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...
CVE-2022-37245
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. The issue, confirmed by PT-2022-23889, indicates an XSS in the Blacklist endpoint that could allow injection of scripts into the page, potentially enabling data the...
PT-2022-23889 · Mdaemon Technologies · Mdaemon Securitygateway For Email Servers
Name of the Vulnerable Software and Affected Versions: MDaemon Technologies SecurityGateway for Email Servers version 8.5.2 Description: The issue is related to Cross Site Scripting XSS and can be exploited via the "Blacklist endpoint". This means that an attacker could potentially inject malicio...
PT-2022-23888 · Mdaemon Technologies · Mdaemon Securitygateway For Email Servers
Name of the Vulnerable Software and Affected Versions: MDaemon Technologies SecurityGateway for Email Servers version 8.5.2 Description: The issue allows for IFRAME Injection via the currentRequest parameter after login, which can lead to the injection of malicious tags, resulting in IFRAME...
PT-2022-23882 · Mdaemon Technologies · Mdaemon Technologies Securitygateway For Email Servers
Name of the Vulnerable Software and Affected Versions: MDaemon Technologies SecurityGateway for Email Servers version 8.5.2 Description: The issue concerns a Cross Site Scripting XSS problem. It can be exploited via the "rulles list ajax" API endpoint. Recommendations: For version 8.5.2, consider...