EUVD-2025-14281

Malicious code in bioql PyPI...

EUVD-2022-39892

Malicious code in bioql PyPI...

EUVD-2022-39891

Malicious code in bioql PyPI...

EUVD-2022-39894

Malicious code in bioql PyPI...

The vulnerability of the MDaemon email server, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting attacks.

The vulnerability of the MDaemon email server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

June “In the Trend of VM” (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver

June "In the Trend of VM" 16: vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver. A traditional monthly vulnerability roundup. Post on Habr rus Digest on the PT website rus A total of 7 trending vulnerabilities: Elevation of...

About Cross Site Scripting – MDaemon Email Server (CVE-2024-11182)

About Cross Site Scripting - MDaemon Email Server CVE-2024-11182. An attacker can send an HTML-formatted email containing malicious JavaScript code embedded in an img tag. If the user opens the email in the MDaemon Email Server's web interface, the malicious JavaScript code will execute in the...

CVE-2024-11182

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary JavaScript code in the context of a webmail user's browser window...

CVE-2023-52269

MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This might allow domain administrators to conduct attacks against global administrators...

CVE-2022-37245

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the Blacklist endpoint...

CVE-2022-25356

Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection...

MDaemon Email Server Installed (Windows)

Binary data mdaemonemailserverwininstalled.nbin...

Alt-N MDaemon < 24.5.1 XSS

The remote Windows host is running a version of MDaemon that is earlier than 24.5.1. It is, therefore, potentially affected by a cross-site scripting vulnerability. An attacker can send an HTML e-mail message with JavaScript in an img tag. This could allow a remote attacker to load arbitrary...

CVE-2022-37241

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the dataleaklistajax endpoint...

CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0...

CVE-2022-29975

An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0...

CVE-2020-18723

Stored cross-site scripting XSS in file attachment field in MDaemon webmail 19.5.5 allows an attacker to execute code on the email recipient side while forwarding an email to perform potentially malicious activities...

CVE-2019-8983

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS issue 1 of 2...

CVE-2019-8984

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS issue 2 of 2...

CVE-2018-17792

MDaemon Webmail formerly WorldClient has CSRF...