Lucene search
K

11 matches found

OSV
OSV
added 2024/07/29 3:15 a.m.4 views

CVE-2024-5670

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...

9.8CVSS6AI score0.00898EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/29 2:23 a.m.24 views

CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...

9.8CVSS7.7AI score0.00898EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/29 2:23 a.m.26 views

CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...

9.8CVSS0.00898EPSS
Exploits0References2
CVE
CVE
added 2024/07/29 2:23 a.m.55 views

CVE-2024-5670

Summary (CVE-2024-5670) : The web services of Softnext’s Mail SQR Expert and Mail Archiving Expert fail to validate user input, enabling unauthenticated remote attackers to inject and execute arbitrary OS commands on the remote server. This is described across multiple sources as an OS command in...

9.8CVSS9.8AI score0.00898EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.5 views

PT-2024-37010 · Softnext · Softnext Mail Archiving Expert +1

Name of the Vulnerable Software and Affected Versions: Softnext Mail SQR Expert affected versions not specified Softnext Mail Archiving Expert affected versions not specified Description: The web services of Softnext's products do not properly validate user input, allowing unauthenticated remote...

9.8CVSS7.7AI score0.00898EPSS
Exploits0References7
CNVD
CNVD
added 2017/08/23 12:0 a.m.3 views

Apache Pony Mail Security Bypass Vulnerability

Apache Pony Mail is a plugin with mail archiving, viewing and interaction features. A security vulnerability exists in Apache Pony Mail that allows an attacker to submit special requests to bypass authentication...

9.8CVSS9.4AI score0.06097EPSS
Exploits0References1
Atlassian
Atlassian
added 2013/09/20 5:8 p.m.18 views

doremovespacemail action can be called by non-admins

The doremovespacemail action is provided by the confluence-mail-archiving plugin, and allows all of the archived mail associated with a space to be removed. This action can be called by any authenticated user, which appears to be an oversight in access control, given that similar methods such as...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/20 5:8 p.m.20 views

doremovespacemail action can be called by non-admins

The doremovespacemail action is provided by the confluence-mail-archiving plugin, and allows all of the archived mail associated with a space to be removed. This action can be called by any authenticated user, which appears to be an oversight in access control, given that similar methods such as...

1.3AI score
Exploits0
Atlassian
Atlassian
added 2013/09/20 5:8 p.m.20 views

doremovespacemail action can be called by non-admins

The doremovespacemail action is provided by the confluence-mail-archiving plugin, and allows all of the archived mail associated with a space to be removed. This action can be called by any authenticated user, which appears to be an oversight in access control, given that similar methods such as...

1.3AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2011/03/25 12:0 a.m.24 views

Fedora Update for mhonarc FEDORA-2011-3357

Check for the Version of mhonarc OpenVAS Vulnerability Test Fedora Update for mhonarc FEDORA-2011-3357 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS0.08838EPSS
Exploits1References2
Fedora
Fedora
added 2011/03/23 10:59 p.m.18 views

[SECURITY] Fedora 14 Update: mhonarc-2.6.18-3.fc14

MHonArc is a Perl mail-to-HTML converter. MHonArc provides HTML mail archiving with index, mail thread linking, etc; plus other capabilities including support for MIME and powerful user customization features...

5CVSS6.4AI score0.08838EPSS
Exploits1
Rows per page
Query Builder