Acmailer - Improper Access Control to OS Command Injection

Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified...

CVE-2023-49780

Cross-site scripting vulnerability exists in acmailer CGI ver.4.0.5 and earlier. An arbitrary script may be executed on the web browser of the user who accessed the management page of the affected product...

EUVD-2015-3054

Malware in sbrugna...

EUVD-2016-2246

Malware in sbrugna...

EUVD-2014-3833

Malware in sbrugna...

EUVD-2025-4863

Malicious code in bioql PyPI...

EUVD-2021-8036

Malicious code in bioql PyPI...

EUVD-2025-4969

Malicious code in bioql PyPI...

EUVD-2021-8035

Malicious code in bioql PyPI...

CVE-2021-20617

Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified...

CVE-2021-20618

Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors...

CVE-2021-46686

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker...

CVE-2021-46686

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker...

CVE-2021-46686

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker...

CVE-2021-46686

CVE-2021-46686 affects acmailer CGI (versions ≤ 4.0.3) and acmailer DB (versions ≤ 1.1.5). The issue is an OS command injection (CWE-78) due to improper neutralization of special elements in OS command handling, allowing an attacker to execute arbitrary commands on the affected system. Affected p...

CVE-2021-46686

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker...

acmailer CGI and acmailer DB vulnerable to OS command injection

Overview acmailer CGI and acmailer DB provided by Extra Innovation Inc. contain an OS command injection vulnerability CWE-78. Extra Innovation Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Extra Innovation Inc. coordinated under the...

Seeds Acmailer和Seeds Acmailer Db 操作系统命令注入漏洞

Seeds Acmailer and Seeds Acmailer Db are both products of Seeds Corporation, Japan.Seeds Acmailer is a CGI software for supporting mail services.Seeds Acmailer Db is a CGI software for supporting mail services. This software will add Mysql database connectivity compared to the standard version,...

JVN#96957439: acmailer CGI and acmailer DB vulnerable to OS command injection

acmailer CGI and acmailer DB provided by Extra Innovation Inc. contain an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed by an attacker. Solution Update the software Update the software to the latest version according to the information provided by the...

CVE-2023-49780

Cross-site scripting vulnerability exists in acmailer CGI ver.4.0.5 and earlier. An arbitrary script may be executed on the web browser of the user who accessed the management page of the affected product...