CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/18 12:0 a.m.•8 views

CVE-2026-29964

HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting XSS vulnerability in the /tap/tap.php endpoint due to improper neutralization of user-controlled input using alternate or obfuscated JavaScript syntax. The endpoint reflects unsanitized user input in HTTP responses without adequate output...

6.2AI score0.00042EPSS

Exploits1References3

Vulnrichment•added 2026/05/18 12:0 a.m.•5 views

CVE-2026-29965

HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting XSS in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscated JavaScript syntax...

5.8AI score0.00031EPSS

Exploits1References3

CVE•added 2026/05/18 12:0 a.m.•8 views

CVE-2026-29965

HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) at the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscated JavaScript syntax. Affected product: HSC MailInspector (version 5.3.3-7). The CVE entry (CVE-202...

6.1CVSS5.8AI score0.00031EPSS

Exploits1References3Affected Software1

EUVD•added 2026/05/18 12:0 a.m.•7 views

EUVD-2026-30782

6.1CVSS5.8AI score0.00031EPSS

Exploits1References3

RedhatCVE•added 2026/03/07 1:44 a.m.•4 views

CVE-2026-3610

A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument errordescription results in cross site scripting. The...

5.3CVSS4.2AI score0.00042EPSS

Exploits0References1

EUVD•added 2026/03/06 3:31 a.m.•1 views

EUVD-2026-9963

NVD•added 2026/03/06 1:15 a.m.•5 views

Exploits0References5

CVE-2026-3610

5.3CVSS0.00042EPSS

Vulnrichment•added 2026/03/06 12:32 a.m.•0 views

CVE-2026-3610 HSC Cybersecurity Mailinspector URL mliUserValidation.php cross site scripting

5.3CVSS4.2AI score0.00042EPSS

ATTACKERKB•added 2026/03/06 12:32 a.m.•4 views

CVE-2026-3610

Exploits0References4Affected Software1

CVE•added 2026/03/06 12:32 a.m.•7 views

CVE-2026-3610

CVE-2026-3610 affects HSC Cybersecurity Mailinspector (up to 5.3.2-3). The issue is in the URL Handler’s file /mailinspector/mliUserValidation.php, where manipulating the argument error_description leads to a cross-site scripting vulnerability. The attack can be performed remotely; exploit public...

Cvelist•added 2026/03/06 12:32 a.m.•30 views

CVE-2026-3610 HSC Cybersecurity Mailinspector URL mliUserValidation.php cross site scripting

5.3CVSS0.00042EPSS

CNNVD•added 2026/03/06 12:0 a.m.•2 views

HSC Cybersecurity Mailinspector 代码注入漏洞

HSC Cybersecurity Mailinspector is an email security management system developed by HSC Cybersecurity in France. Versions of HSC Cybersecurity Mailinspector 5.3.2-3 and earlier contain a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter...

5.3CVSS5.7AI score0.00042EPSS

Positive Technologies•added 2026/03/06 12:0 a.m.•2 views

PT-2026-23623

A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error description results in cross site scripting. The...

RedhatCVE•added 2026/01/09 9:35 a.m.•7 views

Exploits0References5

CVE-2024-34470

An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read...

8.6CVSS8.4AI score0.92783EPSS

Exploits5References1

RedhatCVE•added 2026/01/09 9:35 a.m.•2 views

CVE-2024-34472

An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize input, allowing an...

5.5CVSS6.3AI score0.02231EPSS

RedhatCVE•added 2025/05/23 9:48 a.m.•3 views

CVE-2024-34471

An issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerability resulting in file deletion exists in the mliRealtimeEmails.php file. The filename parameter in the export HTML functionality does not properly validate the file location, allowing an attacker to read and delete...

5.4CVSS6.5AI score0.01695EPSS

RedhatCVE•added 2025/05/23 8:1 a.m.•5 views

CVE-2024-32369

SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component...

4.3CVSS7.6AI score0.02591EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 8:1 a.m.•5 views

CVE-2024-32370

An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component...

9.8CVSS6.4AI score0.03485EPSS