EUVD-2012-6587

Malware in sbrugna...

CVE-2012-10046

The E-Mail Security Virtual Appliance ESVA tested on version ESVA2057 contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands...

CVE-2012-10046 E-Mail Security Virtual Appliance learn-msg.cgi Command Injection

The E-Mail Security Virtual Appliance ESVA tested on version ESVA2057 contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands...

CVE-2012-10046

The CVE-2012-10046 entry concerns the E-Mail Security Virtual Appliance (ESVA), tested on ESVA_2057, which contains an unauthenticated command-injection in the learn-msg.cgi CGI handler. The vulnerability stems from inadequate sanitization of user input in the id parameter, allowing arbitrary she...

PT-2025-32399 · Unknown · E-Mail Security Virtual Appliance

Name of the Vulnerable Software and Affected Versions: E-Mail Security Virtual Appliance ESVA version ESVA 2057 Description: The E-Mail Security Virtual Appliance ESVA contains an unauthenticated command injection issue in the learn-msg.cgi script. The CGI handler does not properly sanitize...

ESVA-Project E-Mail Security Virtual Appliance 安全漏洞

ESVA-Project E-Mail Security Virtual Appliance is an email security virtual appliance from ESVA-Project. A security vulnerability exists in the E-Mail Security Virtual Appliance, version ESVA2057, which stems from a learn-msg.cgi script that is not cleaned of user input and could lead to command...