EUVD-2026-28827

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

MailEnable Enterprise Premium 安全漏洞

MailEnable Enterprise Premium is a suite of POP3 and SMTP email servers provided by the Australian company MailEnable. Versions of MailEnable Enterprise Premium 10.55 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the WebAdmin mobile...

EUVD-2005-4452

Malware in sbrugna...

EUVD-2019-4500

Malware in sbrugna...

EUVD-2019-4503

Malware in sbrugna...

EUVD-2008-1285

Malware in sbrugna...

EUVD-2012-2574

Malware in sbrugna...

MailEnable Enterprise Premium Path Traversal Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A path traversal vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a failure of a network system or product to properly filter special elements in the...

MailEnable Enterprise Premium Code Issue Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A code issue vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from an improperly designed or implemented code development process for a network system or...

MailEnable Enterprise Premium Cross-Site Scripting Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site scripting vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

MailEnable Enterprise Premium Cross-Site Request Forgery Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. A cross-site request forgery vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability stems from a WEB application that does not adequately validate that a request is...

CVE-2019-12926

MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was possible to perform a number of actions, when logged in as a user, that that user should not have had permission to perform. It was also possible to gain access to areas...

CVE-2019-12927

MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...

Improper access control

MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was possible to perform a number of actions, when logged in as a user, that that user should not have had permission to perform. It was also possible to gain access to areas...

CVE-2019-12927

MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting XSS attacks. Because the session cookie did not use the HttpOnly flag, it was possible to hijack the session cookie by exploiting this vulnerability...

MailEnable Enterprise Premium Access Control Error Vulnerability

MailEnable Enterprise Premium is a suite of POP3 and SMTP mail servers from MailEnable Australia. An Access Control Error vulnerability exists in MailEnable Enterprise Premium version 10.23. The vulnerability arises from a network system or product that does not properly restrict access to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, or 3 Subject header or 4 body in an SMTP e-mail message...

CVE-2012-2588

CVE-2012-2588 is an XSS vulnerability in MailEnable Enterprise 6.5. The issue allows remote attackers to inject arbitrary web script or HTML via SMTP message fields (From, To, Subject) or the message body, exploiting malformed headers/body to execute scripts in a user’s context. Public references...

CVE-2012-2588

Multiple cross-site scripting XSS vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, or 3 Subject header or 4 body in an SMTP e-mail message...