36 matches found
CVE-2025-68722
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...
CVE-2025-68723
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting XSS vulnerabilities in the WebAdmin interface. Three instances exist: 1 the log file name parameter in the Local Services Log page, 2 certificate file content in the SSL Certificates View Usage feature, and 3 the...
CVE-2025-68722
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...
CVE-2025-68722
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...
CVE-2025-68723
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting XSS vulnerabilities in the WebAdmin interface. Three instances exist: 1 the log file name parameter in the Local Services Log page, 2 certificate file content in the SSL Certificates View Usage feature, and 3 the...
EUVD-2025-206861
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting XSS vulnerabilities in the WebAdmin interface. Three instances exist: 1 the log file name parameter in the Local Services Log page, 2 certificate file content in the SSL Certificates View Usage feature, and 3 the...
CVE-2025-68723
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting XSS vulnerabilities in the WebAdmin interface. Three instances exist: 1 the log file name parameter in the Local Services Log page, 2 certificate file content in the SSL Certificates View Usage feature, and 3 the...
CVE-2025-68721
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint page=sslcerts. This allows the...
CVE-2025-68722
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...
CVE-2025-68723
Axigen Mail Server before 10.5.57 contains multiple stored Cross-Site Scripting XSS vulnerabilities in the WebAdmin interface. Three instances exist: 1 the log file name parameter in the Local Services Log page, 2 certificate file content in the SSL Certificates View Usage feature, and 3 the...
CVE-2025-68723
Axigen Mail Server prior to version 10.5.57 is affected by multiple stored XSS flaws in the WebAdmin interface (three instances: log file name on Local Services Log page, certificate file content in SSL Certificates View Usage, and the Certificate File name in WebMail Listeners SSL settings). The...
Axigen Mail Server 安全漏洞
Axigen Mail Server is a mail server software developed by Axigen Corporation. Versions of Axigen Mail Server prior to 10.5.57 contained security vulnerabilities. These vulnerabilities stemmed from multiple stored-cross-site scripts in the WebAdmin interface. Attackers could inject and execute...
CVE-2025-68722
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...
EUVD-2017-9154
Malware in sbrugna...
EUVD-2007-4512
Malware in sbrugna...
EUVD-2008-2744
Malware in sbrugna...
CVE-2021-41382
Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server management interface...
Axigen 8.10 Directory Traversal
Axigen version 8.10 directory traversal exploit that demonstrates a flaw discovered in 2012. ============================================================================================================================================= | Title : Axigen 8.10 WebAdmin interface Directory Traversal...
The vulnerabilities of the WebAdmin and WebClient interfaces of the SFTPGo file transfer and storage server allow attackers to circumvent existing security restrictions and enhance their privileges.
The vulnerability of the WebAdmin and WebClient interfaces of the SFTPGo file transfer and storage server is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by resetting user passwords and...
CVE-2022-3696
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...