Lucene search
K

44 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-18483

Malware in sbrugna...

8.1CVSS7.7AI score0.01108EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23399

Malware in sbrugna...

7.6CVSS7.6AI score0.00598EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-23398

Malware in sbrugna...

7.6CVSS7.6AI score0.00598EPSS
Exploits0References2
NVD
NVD
added 2023/03/27 4:15 a.m.40 views

CVE-2023-24842

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL...

5.3CVSS5.2AI score0.00595EPSS
Exploits0References1
NVD
NVD
added 2023/03/27 4:15 a.m.21 views

CVE-2023-24840

HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database...

7.2CVSS7.3AI score0.00928EPSS
Exploits0References1
Prion
Prion
added 2023/03/27 4:15 a.m.14 views

Sql injection

HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database...

5.8CVSS7.2AI score0.00928EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/03/27 4:15 a.m.21 views

Improper access control

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL...

5CVSS5.3AI score0.00595EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.6 views

HGiga MailSherlock 跨站脚本漏洞

Hgiga MailSherlock is an enterprise email auditing system from China Henderson Technology Hgiga. A cross-site scripting vulnerability exists in HGiga MailSherlock version 4.5, which stems from insufficient filtering of user input by specific function. The vulnerability can be exploited to conduct...

6.1CVSS5.9AI score0.00494EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.5 views

PT-2023-19819 · Hgiga · Hgiga Mailsherlock

Name of the Vulnerable Software and Affected Versions: HGiga MailSherlock affected versions not specified Description: The issue is related to insufficient access control, allowing an unauthenticated remote user to access partial content of another user's mail. This can be achieved by modifying t...

5.3CVSS5AI score0.00595EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.7 views

CVE-2023-24840 HGiga MailSherlock - SQL Injection

HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database...

7.2CVSS7.3AI score0.00928EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.15 views

CVE-2023-24842 HGiga MailSherlock - Broken Access Control

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL...

5.3CVSS5.3AI score0.00595EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.23 views

CVE-2023-24840 HGiga MailSherlock - SQL Injection

HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database...

7.2CVSS7.5AI score0.00928EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.25 views

CVE-2023-24841 HGiga MailSherlock - Command Injection

HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or...

7.2CVSS7.5AI score0.00928EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.11 views

CVE-2023-24841 HGiga MailSherlock - Command Injection

HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or...

7.2CVSS7.3AI score0.00928EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.11 views

CVE-2023-24839 HGiga MailSherlock - Reflected XSS

HGiga MailSherlock’s specific function has insufficient filtering for user input. An unauthenticated remote attacker can exploit this vulnerability to inject JavaScript, conducting a reflected XSS attack...

6.1CVSS6.1AI score0.00494EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.33 views

CVE-2023-24842 HGiga MailSherlock - Broken Access Control

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL...

5.3CVSS5.5AI score0.00595EPSS
Exploits0References1
CVE
CVE
added 2023/03/27 12:0 a.m.52 views

CVE-2023-24842

HGiga MailSherlock is affected by an insufficient access control vulnerability. According to external sources, affected version 4.5 exposes partial contents of other users’ emails to unauthenticated remote attackers who can manipulate URL parameters (userID and mailID) to access data. The root ca...

5.3CVSS5.2AI score0.00595EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.19 views

CVE-2023-24839 HGiga MailSherlock - Reflected XSS

HGiga MailSherlock’s specific function has insufficient filtering for user input. An unauthenticated remote attacker can exploit this vulnerability to inject JavaScript, conducting a reflected XSS attack...

6.1CVSS6.2AI score0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.15 views

HGiga MailSherlock 安全漏洞

Hgiga MailSherlock is an enterprise mail auditing system from China Henderson Technology Hgiga. A security vulnerability exists in HGiga MailSherlock version 4.5, which stems from an insufficient access control issue. The vulnerability can be exploited by an attacker to access parts of other user...

5.3CVSS5.7AI score0.00595EPSS
Exploits0References2
CNVD
CNVD
added 2021/03/19 12:0 a.m.9 views

HGiga MailSherlock SQL Injection Vulnerability (CNVD-2021-25618)

Hgiga MailSherlock is a set of enterprise mail audit system from Henderson Hgiga, China. HGiga MailSherlock suffers from a SQL injection vulnerability, which stems from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker ...

9.8CVSS7.9AI score0.00985EPSS
Exploits0References1
Rows per page
Query Builder