2 matches found
CVE-2018-17542
The CVE-2018-17542 entry concerns MailSherlock before 1.5.235 (OAKlouds). The vulnerability is a SQL Injection in the letgo.cgi request via the select_mid parameter, allowing an unauthenticated user to extract the subjects of other users’ emails within the enterprise. The connected records confir...
CVE-2018-17542 SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds
SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the selectmid parameter in an letgo.cgi request...