Lucene search
K

16 matches found

EUVD
EUVD
added 2026/05/08 9:31 p.m.10 views

EUVD-2026-28827

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 8:22 p.m.41 views

CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

8.7CVSS0.0035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/08 8:22 p.m.8 views

CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/08 8:22 p.m.11 views

CVE-2026-44400

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

MailEnable Enterprise Premium 安全漏洞

MailEnable Enterprise Premium is a suite of POP3 and SMTP email servers provided by the Australian company MailEnable. Versions of MailEnable Enterprise Premium 10.55 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the WebAdmin mobile...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-4503

Malware in sbrugna...

8.8CVSS8.5AI score0.00938EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-4500

Malware in sbrugna...

6.5CVSS6.9AI score0.00571EPSS
Exploits0References3
CNVD
CNVD
added 2019/07/09 12:0 a.m.5 views

MailEnable Enterprise Premium Path Traversal Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A path traversal vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a failure of a network system or product to properly filter special elements in the...

8.1CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/09 12:0 a.m.4 views

MailEnable Enterprise Premium Cross-Site Request Forgery Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site request forgery vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a WEB application that does not adequately validate that a request is...

6.5CVSS6.9AI score0.00571EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/09 12:0 a.m.4 views

MailEnable Enterprise Premium Code Issue Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A code issue vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from an improperly designed or implemented code development process for a network system or...

9.8CVSS7.1AI score0.00898EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/09 12:0 a.m.4 views

MailEnable Enterprise Premium Cross-Site Scripting Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site scripting vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

6.1CVSS6.4AI score0.00867EPSS
Exploits0References1
OSV
OSV
added 2019/07/08 10:15 p.m.0 views

CVE-2019-12925

MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible by the IIS user. This could lead to reading other users' credentials including those of SYSADMIN...

8.1CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2019/07/08 10:15 p.m.5 views

CVE-2019-12927

MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...

6.1CVSS6.5AI score0.00867EPSS
Exploits0References2
OSV
OSV
added 2019/07/08 10:15 p.m.4 views

CVE-2019-12926

MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was possible to perform a number of actions, when logged in as a user, that that user should not have had permission to perform. It was also possible to gain access to areas...

8.8CVSS7.3AI score
Exploits0References2
Cvelist
Cvelist
added 2019/07/08 9:4 p.m.19 views

CVE-2019-12927

MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...

6AI score0.00867EPSS
Exploits0References2
CNVD
CNVD
added 2019/07/08 12:0 a.m.2 views

MailEnable Enterprise Premium Access Control Error Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. An Access Control Error vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from a network system or product that does not properly restrict access to...

8.8CVSS7AI score0.00938EPSS
Exploits0References1
Rows per page
Query Builder