Lucene search
K

12 matches found

CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

Apache Pony Mail 环境问题漏洞

Apache Pony Mail is a plugin from the Apache Foundation in the United States that includes features for email archiving, viewing, and interaction. Apache Pony Mail has an environmental issue vulnerability, which stems from inconsistent interpretation of HTTP requests, potentially allowing...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14738

Malware in sbrugna...

5.3CVSS5.5AI score0.01822EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-5449

Malware in sbrugna...

9.8CVSS9.5AI score0.06097EPSS
Exploits0References3
Prion
Prion
added 2018/10/04 2:29 p.m.16 views

Authorization

The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the conten...

5CVSS5AI score0.01822EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/10/04 2:29 p.m.11 views

CVE-2017-5658

The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the conten...

5.3CVSS5.1AI score0.01822EPSS
Exploits0References1
OSV
OSV
added 2018/10/04 2:29 p.m.12 views

CVE-2017-5658

The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the conten...

5.3CVSS6.4AI score
Exploits0References1
Cvelist
Cvelist
added 2018/10/04 2:0 p.m.18 views

CVE-2017-5658

The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the conten...

5.1AI score0.01822EPSS
Exploits0References1
CVE
CVE
added 2018/10/04 2:0 p.m.39 views

CVE-2017-5658

The CVE-2017-5658 issue affects Apache Pony Mail (versions 0.7–0.9). The statistics generator could disclose timing information about messages (subjects/text bodies) on private lists because it returned timestamp data without proper authorization checks. The core root cause is improper authorizat...

5.3CVSS5AI score0.01822EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/08/23 12:0 a.m.3 views

Apache Pony Mail Security Bypass Vulnerability

Apache Pony Mail is a plugin with mail archiving, viewing and interaction features. A security vulnerability exists in Apache Pony Mail that allows an attacker to submit special requests to bypass authentication...

9.8CVSS9.4AI score0.06097EPSS
Exploits0References1
Prion
Prion
added 2017/08/22 6:29 p.m.12 views

Authentication flaw

Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication...

7.5CVSS7.3AI score0.06097EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/08/22 6:29 p.m.17 views

CVE-2016-4460

Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication...

9.8CVSS9.5AI score0.06097EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/22 6:0 p.m.20 views

CVE-2016-4460

Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication...

9.6AI score0.06097EPSS
Exploits0References2
Rows per page
Query Builder