Lucene search
K

96 matches found

OSV
OSV
added 2021/03/18 5:15 a.m.6 views

CVE-2021-22848

HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege...

9.8CVSS7.4AI score0.00985EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/18 4:35 a.m.19 views

CVE-2021-22848 HGiga MailSherlock - SQL Injection-2

HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege...

7CVSS10AI score0.00985EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.4 views

HGiga MailSherlock Command Injection Vulnerability

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A command injection vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock failing to properly validate specific parameters. An attacker can exploit this...

10CVSS7.9AI score0.01738EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.4 views

HGiga MailSherlock SQL Injection Vulnerability (CNVD-2021-05402)

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. HGiga MailSherlock suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to inject and execute SQL commands in URL parameters...

7.6CVSS8.2AI score0.00598EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.2 views

HGiga MailSherlock Weak Authentication Vulnerability

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A weak authentication vulnerability exists in HGiga MailSherlock. An attacker can exploit this vulnerability to elevate privileges using a default password generation mechanism...

10CVSS7.2AI score0.01654EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.9 views

HGiga MailSherlock Cross-Site Scripting Vulnerability

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A cross-site scripting vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock not validating user parameters on multiple login pages. An attacker can explo...

7CVSS6.1AI score0.00611EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.9 views

HGiga MailSherlock Cross-Site Scripting Vulnerability (CNVD-2021-06947)

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A cross-site scripting vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock failing to properly validate specific URL parameters. An attacker can exploit...

7CVSS6.1AI score0.00611EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 8:15 a.m.3 views

CVE-2020-35851

HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system...

9.8CVSS7.5AI score0.01738EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 8:15 a.m.2 views

CVE-2020-25848

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism...

9.8CVSS7.3AI score0.01654EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.19 views

CVE-2020-35740

HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks...

7CVSS6.6AI score0.00611EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 8:15 a.m.3 views

CVE-2020-35740

HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks...

6.1CVSS6.4AI score
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.17 views

CVE-2020-35741

HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks...

7CVSS6.6AI score0.00611EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.25 views

CVE-2020-35743

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages...

7.6CVSS7.5AI score0.00598EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.19 views

CVE-2020-35851

HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system...

10CVSS9AI score0.01738EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 8:15 a.m.3 views

CVE-2020-25850

The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files...

7.5CVSS7.2AI score0.01108EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.11 views

CVE-2020-25848

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism...

10CVSS9.9AI score0.01654EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.20 views

CVE-2020-35742

HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter...

7.6CVSS7.4AI score0.00598EPSS
Exploits0References1
OSV
OSV
added 2020/12/31 8:15 a.m.4 views

CVE-2020-35742

HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter...

7.6CVSS7.2AI score0.00598EPSS
Exploits0References1
NVD
NVD
added 2020/12/31 8:15 a.m.18 views

CVE-2020-25850

The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files...

8.1CVSS8.2AI score0.01108EPSS
Exploits0References1
Prion
Prion
added 2020/12/31 8:15 a.m.19 views

Sql injection

HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter...

6.5CVSS7.8AI score0.00598EPSS
Exploits0References1Affected Software4
Rows per page
Query Builder