Lucene search
+L

119 matches found

Cvelist
Cvelist
added 2013/11/20 11:0 a.m.29 views

CVE-2013-6829

admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation...

7.6AI score0.78343EPSS
Exploits1References1
CVE
CVE
added 2013/11/20 11:0 a.m.45 views

CVE-2013-6827

CVE-2013-6827 affects PineApp Mail-SeCure appliances, with an absolute path traversal in the admin/viewmsg.php endpoint. The vulnerability allows an attacker to read arbitrary files by supplying a full pathname in the msg parameter. The issue is confirmed by multiple feeds in the connected docume...

5CVSS6.8AI score0.01439EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/11/20 11:0 a.m.48 views

CVE-2013-6828

CVE-2013-6828 : The connected sources confirm a remote authentication-bypass vulnerability in PineApp Mail-SeCure, where accessing the admin/management.html page allows bypassing authentication and performing a sys_usermng operation via the it parameter. Affected component: admin interface of Pin...

6.4CVSS7.2AI score0.01338EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/11/20 11:0 a.m.49 views

CVE-2013-6829

CVE-2013-6829 describes a remote command injection in PineApp Mail-SeCure via the admin/confnetworking.html interface. The vulnerability allows an attacker to append shell metacharacters in the pinghost parameter during a ping operation, leading to arbitrary command execution on the remote host. ...

7.5CVSS7.8AI score0.78343EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2013/11/20 11:0 a.m.54 views

CVE-2013-6830

CVE-2013-6830 affects PineApp Mail-SeCure before version 3.70 on 5099SK and earlier platforms. A vulnerability in the admin/confnetworking.html page allows remote attackers to inject shell commands via the nsserver parameter during an nslookup request due to insufficient input sanitization of met...

7.5CVSS7.7AI score0.08929EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2013/11/20 11:0 a.m.23 views

CVE-2013-6831

PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account...

6.7AI score0.01014EPSS
Exploits1References1
NVD
NVD
added 2013/11/08 4:47 a.m.15 views

CVE-2013-4987

PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command...

8.5CVSS6.4AI score0.02734EPSS
Exploits6References1
Prion
Prion
added 2013/11/08 4:47 a.m.20 views

Command injection

PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command...

8.5CVSS7AI score0.02734EPSS
Exploits6References1Affected Software1
CVE
CVE
added 2013/11/08 2:0 a.m.62 views

CVE-2013-4987

CVE-2013-4987 affects PineApp Mail-SeCure pre-3.70. It is a local privilege-escalation via an access-control failure: a non-privileged user can obtain a root shell by sending a crafted command in the Mail-SeCure console (example: pa_cli system ping /bin/sh). Root access is achieved locally; all v...

8.5CVSS6.5AI score0.02734EPSS
Exploits6References1Affected Software1
Cvelist
Cvelist
added 2013/11/08 2:0 a.m.27 views

CVE-2013-4987

PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command...

6.4AI score0.02734EPSS
Exploits6References1
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.2 views

PineApp Mail-SeCure livelog.html Command Injection

Multiple command Injection vulnerabilities exist in PineApp Mail-SeCure...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2013/10/15 12:0 a.m.19 views

PineApp Mail-Secure Command Execution

pineapp makes an anti-spam product, which can be downloaded for vmware, etc. the security of the product is a fucking joke, containing everything from authentication bypass to root exploits. there is really no hope, the developers didnt even try. they can patch those specific vulnerabilities, but...

7.4AI score
Exploits0
0day.today
0day.today
added 2013/10/02 12:0 a.m.61 views

PinApp Mail-SeCure Access Control Failure

Core Security Technologies Advisory - A security vulnerability was discovered in PineApp Mail-SeCure Suite, allowing a non-privileged attacker to get a root shell by sending a specially crafted command from the Mail-SeCure console. A valid user account is needed to launch the attack, so this is a...

8.5CVSS6.6AI score0.02734EPSS
Exploits6
securityvulns
securityvulns
added 2013/10/02 12:0 a.m.32 views

PineApp Mail-SeCure privilege escalation

Unfiltered shell characters vulnerability...

8.5CVSS3.2AI score0.02734EPSS
Exploits6References1Affected Software1
Core Security
Core Security
added 2013/10/02 12:0 a.m.41 views

PinApp Mail-SeCure Access Control Failure

Advisory ID Internal CORE-2013-0904 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:https://www.coresecurity.com/core-labs/advisories/pinapp-mail-secure-access-control-failure Date published: 2013-10-02 Date of last update:...

8.5CVSS6.6AI score0.02734EPSS
Exploits6
securityvulns
securityvulns
added 2013/10/02 12:0 a.m.56 views

CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

8.5CVSS0.1AI score0.02734EPSS
Exploits6
exploitpack
exploitpack
added 2013/10/02 12:0 a.m.66 views

PinApp Mail-SeCure 3.70 - Access Control Failure

PinApp Mail-SeCure 3.70 - Access Control Failure Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

8.5CVSS0.3AI score0.02734EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/10/02 12:0 a.m.53 views

PinApp Mail-SeCure 3.70 - Access Control Failure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

8.5CVSS6.7AI score0.02734EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2013/09/30 12:0 a.m.3 views

PineApp Mail-SeCure confpremenu.php Install License Command Injection

A command injection vulnerability has been reported in PineApp Mail-SeCure...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/09/22 12:0 a.m.3 views

PineApp Mail-SeCure conflivelog.pl Command Injection

A command injection vulnerability exists in PineApp Mail-SeCure. The vulnerability is due to an input validation error in conflivelog.pl of the administration interface. A remote attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server. Successful...

7.6AI score
Exploits0
Rows per page
Query Builder