EUVD-2019-19239

Malware in sbrugna...

EUVD-2023-28829

Malicious code in bioql PyPI...

CVE-2019-9882

Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. It allows attacker to add malicious email sources into whitelist via user/savelist.php?ACSION==email=white=big5=add=hacker@socialengineering.commemo==%E6%96%B0%E5%A2%9E without any authorizes...

CVE-2023-24842

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL...

PT-2023-8668 · Unknown · Mailsherlock

Name of the Vulnerable Software and Affected Versions: MailSherlock affected versions not specified Description: The issue is related to insufficient filtering for user input in the MailSherlock query function for connection logs. This allows an authenticated remote attacker with administrator...

HGiga MailSherlock 操作系统命令注入漏洞

Hgiga MailSherlock is an enterprise email auditing system from China Henderson Technology Hgiga. HGiga MailSherlock version 4.5 suffers from an operating system command injection vulnerability, which originates from an insufficient filtering of user input by the query function. An attacker could...

HGiga MailSherlock SQL Injection Vulnerability (CNVD-2021-25618)

Hgiga MailSherlock is a set of enterprise mail audit system from Henderson Hgiga, China. HGiga MailSherlock suffers from a SQL injection vulnerability, which stems from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker ...

HGiga MailSherlock Cross-Site Scripting Vulnerability (CNVD-2021-06947)

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A cross-site scripting vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock failing to properly validate specific URL parameters. An attacker can exploit...