Lucene search
K

640 matches found

Nuclei
Nuclei
added 18 hours ago49 views

Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection

Alt-n/MDaemon Security Gateway through 8.5.0 is susceptible to XML injection via SecurityGateway.dll?view=login. An attacker can inject an arbitrary XML argument by adding a new parameter in the HTTP request URL. As a result, the XML parser fails the validation process and discloses information...

5.3CVSS6.3AI score0.05879EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.7 views

CVE-2022-37238

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the currentRequest parameter...

5.4CVSS6.1AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.9 views

CVE-2022-37243

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the whitelist endpoint...

5.4CVSS6.1AI score0.00518EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.6 views

CVE-2022-37239

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting XSS via the rulleslistajax endpoint...

5.4CVSS6.1AI score0.00518EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.5 views

CVE-2022-37240

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter...

9.8CVSS7AI score0.01202EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.8 views

CVE-2022-37244

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection...

5.4CVSS6.9AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/06 12:10 a.m.7 views

CVE-2025-61084

MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing eve...

7.1CVSS6.8AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/11/05 3:15 p.m.4 views

CVE-2025-61084

MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing eve...

7.1CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/11/05 12:0 a.m.17 views

CVE-2025-61084

MDaemon Mail Server 23.5.2 is described as validating SPF, DKIM, and DMARC using the From header content enclosed in angle brackets () during SMTP DATA. An attacker can craft a From header using multiple invisible Unicode thin spaces to display a spoofed sender while still passing validation, ena...

7.1CVSS6.5AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/05 12:0 a.m.15 views

CVE-2025-61084

MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing eve...

0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.10 views

PT-2025-45105

Name of the Vulnerable Software and Affected Versions MDaemon Mail Server version 23.5.2 Description MDaemon Mail Server version 23.5.2 validates Sender Policy Framework SPF, DomainKeys Identified Mail DKIM, and Domain-based Message Authentication, Reporting & Conformance DMARC using the email...

7.1CVSS6.5AI score0.00215EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/05 12:0 a.m.5 views

MDaemon Mail Server 安全漏洞

MDaemon Mail Server is an e-mail server software from MDaemon Inc. in the United States. A security vulnerability exists in MDaemon Mail Server version 23.5.2, which originates from a flaw in the use of email validation SPF, DKIM, and DMARC using the pointed brackets in the From header of the SMT...

7.1CVSS6.6AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0575

Malware in sbrugna...

5CVSS6.4AI score0.01614EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0064

Malware in sbrugna...

5CVSS6.4AI score0.0186EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-5693

Malware in sbrugna...

7.5CVSS6.4AI score0.0101EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6853

Malware in sbrugna...

4.3CVSS6.3AI score0.01647EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2000-0498

Malware in sbrugna...

2.6CVSS6.4AI score0.04144EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2002-1719

Malware in sbrugna...

2.1CVSS6.4AI score0.01103EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-5694

Malware in sbrugna...

10CVSS6.4AI score0.0152EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6926

Malware in sbrugna...

5CVSS6.3AI score0.01182EPSS
Exploits0References7
Rows per page
Query Builder