Lucene search
K

95 matches found

NVD
NVD
added 2024/06/17 8:15 a.m.14 views

CVE-2024-6048

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email attachments. An unauthenticated remote attacker can exploit this vulnerability to inject system commands and execute them on the remote server...

9.8CVSS0.00678EPSS
Exploits0References2
CVE
CVE
added 2024/06/17 7:28 a.m.51 views

CVE-2024-6048

CVE-2024-6048 affects Openfind MailGates and MailAudit. The flaw: improper filtering of input in analysis of email attachments enables an unauthenticated remote attacker to inject and execute system commands on the affected server. Impact per metrics is high on confidentiality, integrity, and ava...

9.8CVSS9.8AI score0.00678EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/17 7:28 a.m.10 views

CVE-2024-6048 Openfind MailGates and MailAudit - OS Command Injection

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email attachments. An unauthenticated remote attacker can exploit this vulnerability to inject system commands and execute them on the remote server...

9.8CVSS7.7AI score0.00678EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/17 7:28 a.m.20 views

CVE-2024-6048 Openfind MailGates and MailAudit - OS Command Injection

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email attachments. An unauthenticated remote attacker can exploit this vulnerability to inject system commands and execute them on the remote server...

9.8CVSS0.00678EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/17 12:0 a.m.3 views

Openfind Information Technology MailAudit Operating System Command Injection Vulnerability

Openfind Information Technology MailAudit is a software for enterprise email security auditing from Openfind Information Technology Taiwan, China. An operating system command injection vulnerability exists in Openfind Information Technology MailAudit, which originates from an inability to properl...

9.8CVSS7.4AI score0.00678EPSS
Exploits0References3
OSV
OSV
added 2024/05/27 6:15 a.m.4 views

CVE-2024-5400

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS6.1AI score0.00578EPSS
Exploits0References1
NVD
NVD
added 2024/05/27 6:15 a.m.14 views

CVE-2024-5400

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS9.1AI score0.00578EPSS
Exploits0References1
CVE
CVE
added 2024/05/27 5:36 a.m.75 views

CVE-2024-5400

CVE-2024-5400 affects Openfind Mail2000, where a CGI parameter handling vulnerability enables OS command injection. Multiple sources describe that remote attackers with regular privileges can exploit improper filtering of specific CGI parameters to execute arbitrary system commands on the remote ...

8.8CVSS9.1AI score0.00578EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/27 5:36 a.m.23 views

CVE-2024-5400 Openfind Mail2000 - OS Command Injection

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS7.9AI score0.00578EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/27 5:36 a.m.38 views

CVE-2024-5400 Openfind Mail2000 - OS Command Injection

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

8.8CVSS9.1AI score0.00578EPSS
Exploits0References1
NVD
NVD
added 2024/05/27 4:15 a.m.13 views

CVE-2024-5399

Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

7.2CVSS7.4AI score0.00562EPSS
Exploits0References1
OSV
OSV
added 2024/05/27 4:15 a.m.5 views

CVE-2024-5399

Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

7.2CVSS6.1AI score0.00562EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/27 3:32 a.m.33 views

CVE-2024-5399 Openfind Mail2000 - OS Command Injection

Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

7.2CVSS7.9AI score0.00562EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/27 3:32 a.m.43 views

CVE-2024-5399 Openfind Mail2000 - OS Command Injection

Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

7.2CVSS7.4AI score0.00562EPSS
Exploits0References1
CVE
CVE
added 2024/05/27 3:32 a.m.106 views

CVE-2024-5399

Openfind Mail2000 is affected by an OS command injection vulnerability (CVE-2024-5399) stemming from improper filtering of parameters in a specific API. The flaw allows remote attackers with administrative privileges to execute arbitrary system commands on the remote server. The issue is reported...

7.2CVSS7.4AI score0.00562EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/27 12:0 a.m.6 views

Openfind Mail2000 操作系统命令注入漏洞

Openfind Mail2000 is a Web-based e-mail system. An operating system command injection vulnerability exists in versions prior to Openfind Mail2000 V8.0 Patch 34, which stems from the inability to properly filter the parameters of a specific CGI, allowing an attacker to execute arbitrary system...

8.8CVSS8.1AI score0.00578EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/27 12:0 a.m.4 views

Openfind Mail2000 操作系统命令注入漏洞

Openfind Mail2000 is a Web-based e-mail system. Openfind Mail2000 suffers from an operating system command injection vulnerability that originates from failure to properly filter specific API parameters, which can be exploited by a remote attacker to execute arbitrary system commands on a remote...

7.2CVSS8.2AI score0.00562EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.9 views

PT-2024-36006

Name of the Vulnerable Software and Affected Versions: Openfind Mail2000 affected versions not specified Description: The issue is related to improper filtering of parameters in specific CGI, allowing remote attackers with regular privileges to execute arbitrary system commands on the remote...

8.8CVSS6.2AI score0.00578EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.7 views

PT-2024-36002

Name of the Vulnerable Software and Affected Versions: Openfind Mail2000 affected versions not specified Description: The issue is related to improper filtering of parameters in a specific API, allowing remote attackers with administrative privileges to execute arbitrary system commands on the...

7.2CVSS6.2AI score0.00562EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/09 9:7 a.m.4 views

CVE-2023-28705

Openfind Mail2000 has insufficient filtering special characters of email content of its content filtering function. A remote attacker can exploit this vulnerability using phishing emails that contain malicious web pages injected with JavaScript. When users access the system and open the email, it...

6.1CVSS5.9AI score0.00429EPSS
Exploits0References2
Rows per page
Query Builder