8 matches found

RedhatCVE
added 2025/12/10 6:13 p.m. 3 views

CVE-2025-34403

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a...

6.1 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits 0, References 1

OSV
added 2025/12/10 4:16 p.m. 1 views

CVE-2025-34418

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

7.8 CVSS, 6.1 AI score
Exploits 0, References 3

Vulnrichment
added 2025/12/10 4:8 p.m. 2 views

CVE-2025-34424 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIDP.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5 CVSS, 7 AI score, 0.00007 EPSS
Exploits 0, References 3

CVE
added 2025/12/10 4:7 p.m. 8 views

CVE-2025-34420

MailEnable

8.5 CVSS, 7 AI score, 0.00007 EPSS
Exploits 0, References 3, Affected Software 1

NVD
added 2025/12/09 6:15 p.m. 3 views

CVE-2025-34403

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a block in the JavaScript variable...

6.1 CVSS, 0.00011 EPSS
Exploits 0, References 3

OSV
added 2025/12/09 6:15 p.m. 1 views

CVE-2025-34396

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directory without sufficient integrity validation or secure search order. If the...

7.3 CVSS, 6 AI score
Exploits 0, References 3

Cvelist
added 2025/12/09 6:10 p.m. 16 views

CVE-2025-34408 MailEnable < 10.54 Reflected XSS in Added Parameter of MAI/AddRecipientsResult.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Added value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

5.3 CVSS, 0.00014 EPSS
Exploits 0, References 3

CVE
added 2025/12/09 6:7 p.m. 4 views

CVE-2025-34407

MailEnable prior to 10.54 contains a reflected XSS in the theme parameter of /Mondo/lang/sys/Forms/Statistics.aspx. The theme value is echoed via GET and can break out of iframes, enabling attacker-supplied script execution in a victim’s browser, with potential redirection, cookie theft, or HTML/...

6.1 CVSS, 5.4 AI score, 0.00014 EPSS
Exploits 0, References 3, Affected Software 1