CVE-2026-20172

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

The vulnerability of the Apache James software server for enterprise email deployment and management involves an uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the Apache James software server for deployment and corporate email management is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability fixed in Cisco Enterprise Chat and Email

Cisco has fixed a vulnerability in Cisco Enterprise Chat and Email ECE. The vulnerability is in how Cisco Enterprise Chat and Email ECE validates incorrect input in its chat functionality. This can lead to a denial-of-service DoS situation, which may require manual intervention to restore normal...

Openfind Information Technology MailAudit Operating System Command Injection Vulnerability

Openfind Information Technology MailAudit is a software for enterprise email security auditing from Openfind Information Technology Taiwan, China. An operating system command injection vulnerability exists in Openfind Information Technology MailAudit, which originates from an inability to properl...

Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave

In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and...

The vulnerability in the web interface for managing Cisco Enterprise Chat and Email allows attackers to perform cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Enterprise Chat and Email is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created website...

Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have o...

Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have o...

Unauthorized Access Vulnerability in Crypto Email and Enterprise Mailboxes

Beijing Xiongzhiweiye Software Co., Ltd. was founded in 1996, is a professional network platform development vendors, the company's main business for the development and sales of computer network software products, and computer software, hardware products sales, agents. An unauthorized access...

Information Disclosure Vulnerability in MessageSolution's Enterprise Email Archive Management System EEA

MessageSolution is a developer of enterprise email archiving software. An information disclosure vulnerability exists in the MessageSolution enterprise email archiving management system, EEA. An attacker could exploit the vulnerability to obtain sensitive information...

SQL Injection Vulnerability in MessageSolution Enterprise Email Archive Management System EEA

MessageSolution is a developer of enterprise email archiving software. A SQL injection vulnerability exists in the MessageSolution enterprise email archiving management system, EEA. An attacker could exploit the vulnerability to gain access to sensitive database information...

Weak Password Vulnerability in MessageSolution Enterprise Email Archiving

MessageSolution Enterprise Email Archiving is a scalable, intelligent enterprise archiving and eDiscovery platform. MessageSolution Enterprise Email Archiving suffers from a weak password vulnerability that can be exploited by an attacker to log into the system...

S2-045 Remote Code Execution Vulnerability in 263 Enterprise Email Sites

263 enterprise mailbox site is an electronic mailbox launched by Beijing 263 Enterprise Communication Co. The 263 enterprise mailbox site uses Apache Struts xwork as the website application framework, the file upload function of the Jakarta plug-in of the framework has a remote command execution...

Cross-Site Scripting Vulnerability in Times Enterprise Email System

Times Enterprise Email System is a cloud service email processing system for major enterprises. Times Enterprise Email System does not adequately filter the parameters at the mailbox login, and the attacker obtains the user's identity credentials such as cookies by constructing a special XSS code...

SQL Injection Vulnerability in Name Parameter of Times Internet Enterprise Email System

Times Internet is dedicated to providing professional email service providers for a wide range of enterprise-level users. A SQL injection vulnerability exists in the name parameter of the webmail/login.php page in version 2.2.5 of Times Internet's enterprise email system. It allows attackers to...

社工kesionCMS新网域名管理,腾讯企业邮箱

简要描述： 话不多说,看图 详细说明： 漏洞证明：...

emailarchitect enterprise email server 10.0 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: EmailArchitect Enterprise Email Server Version: 10.0 Vendor Site: http://www.emailarchitect.net Software Download Link: http://www.emailarchitect.net/webapp/download/easetup.exe Timeline: 29...

MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 & 5.2.1 - File Scanner Malicious Archive DoS

No description provided by source. source: http://www.securityfocus.com/bid/3027/info A wide range of products exists for scanning enterprise email and filesystems for files containing viruses and other undesirable content. These products handle compressed files by temporarily unzipping them and...

V5shop数据库弱口令导致内部更多敏感数据可被社工（已证明）

简要描述： http://www.wooyun.org/bugs/wooyun-2013-027611 大家看我发的上一个漏洞！ 我社工了一下下..... 详细说明： 不打码了，白帽子也要被尊重！ wooyun-2013-027611这个漏洞引发的... 你们从图片看到什么了吗？ lvw马赛克08.net 对了，这就是亮点，目测QQ企业邮箱的 解密了！刚刚充了1000条，呵呵 lvw马赛克08.net Lvw马赛克996 看看企业邮箱！ 好吧！成功了................. 漏洞证明： 好多信息泄漏！...

emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting

emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: EmailArchitect Enterprise Email Server Version: 10.0 Vendor Site: http://www.emailarchitect.net Software Download Link:...