86 matches found
CVE-2025-13164
EasyFlow GP from Digiwin has an Insufficiently Protected Credentials vulnerability that could let privileged remote attackers obtain plaintext credentials for Active Directory and system mail from the system frontend. The CVE entry notes impact to confidentiality (C) with high severity per CVSS d...
EUVD-2011-2457
Malware in sbrugna...
EUVD-2011-1342
Malware in sbrugna...
CVE-2011-2468
Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request...
ARTEC EMA Mail 安全漏洞
ARTEC EMA Mail is an enterprise-class encrypted mail system from ARTEC. A security vulnerability exists in ARTEC EMA Mail version 6.92 that stems from vulnerability to cross-site request forgery attacks...
The vulnerability of OMICARD’s marketing mailing system lies in the improper restriction on the name of the path to the restricted catalog. This allows attackers to bypass the authentication process and upload arbitrary files.
The vulnerability of OMICARD’s marketing email system is related to incorrect restrictions on the path name to the restricted catalog during the processing of the FileName parameter. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures and upload arbitrary...
CVE-2019-15073
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15073
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15072
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting XSS vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15072 Openfind MAIL2000 Webmail Post-Auth Cross-Site Scripting
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting XSS vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15073 Openfind MAIL2000 Webmail Pre-Auth Open Redirect
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...
CVE-2019-15071
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting XSS vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of...
CVE-2019-15071 Openfind MAIL2000 Webmail Pre-Auth Cross-Site Scripting
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting XSS vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of...
Command Execution Vulnerability in Goldie's Mail System
Kindie mail system is an e-mail server developed for the communication needs of enterprises and institutions, the software system kernel is developed in C++, with strong stability and security. A command execution vulnerability exists in the Goldpac Email System, which can be exploited by an...
SQL Injection Vulnerability in ewomail Mail System
Ltd. has been engaged in e-mail technology solutions and development, to provide enterprises with secure and stable mail server software and technical support. SQL injection vulnerability exists in the ewomail mail system, which can be exploited by attackers to obtain sensitive database informati...
Coremail Mail System Service Unauthorized Access Vulnerability
Coremail mail system is a large-scale enterprise mail system independently researched and developed by Lonker Technology Guangzhou Co., Ltd hereinafter referred to as Lonker, which provides customers with overall technical solutions for e-mail and enterprise post office operation services.As the...
Coremail Mail System Service Interface Parameter Injection Vulnerability
Coremail mail system is a large-scale enterprise mail system independently researched and developed by Lonker Technology Guangzhou Co., Ltd hereinafter referred to as Lonker, which provides customers with overall technical solutions for e-mail and enterprise post office operation services.As the...
CVE-2014-1203
The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...
Design/Logic Flaw
The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...
CVE-2014-1203
The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...