16 matches found
EUVD-2026-28827
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
CVE-2026-44400
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
MailEnable Enterprise Premium 安全漏洞
MailEnable Enterprise Premium is a suite of POP3 and SMTP email servers provided by the Australian company MailEnable. Versions of MailEnable Enterprise Premium 10.55 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the WebAdmin mobile...
EUVD-2019-4503
Malware in sbrugna...
EUVD-2019-4500
Malware in sbrugna...
MailEnable Enterprise Premium Path Traversal Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A path traversal vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a failure of a network system or product to properly filter special elements in the...
MailEnable Enterprise Premium Cross-Site Request Forgery Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site request forgery vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a WEB application that does not adequately validate that a request is...
MailEnable Enterprise Premium Code Issue Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A code issue vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from an improperly designed or implemented code development process for a network system or...
MailEnable Enterprise Premium Cross-Site Scripting Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site scripting vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...
CVE-2019-12925
MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible by the IIS user. This could lead to reading other users' credentials including those of SYSADMIN...
CVE-2019-12927
MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...
CVE-2019-12926
MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was possible to perform a number of actions, when logged in as a user, that that user should not have had permission to perform. It was also possible to gain access to areas...
CVE-2019-12927
MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...
MailEnable Enterprise Premium Access Control Error Vulnerability
MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. An Access Control Error vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from a network system or product that does not properly restrict access to...