Lucene search
+L

95 matches found

NVD
NVD
added 2020/06/23 6:15 a.m.14 views

CVE-2020-12782

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files...

9.8CVSS0.01886EPSS
Exploits0References1
OSV
OSV
added 2020/06/23 6:15 a.m.2 views

CVE-2020-12782

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files...

9.8CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2020/06/23 6:15 a.m.11 views

Command injection

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files...

7.5CVSS9.6AI score0.01886EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/06/23 6:5 a.m.46 views

CVE-2020-12782

Openfind MailGates is affected by a Command Injection flaw. According to the CVE description, when receiving an email containing specific strings, malicious code in the mail attachment may be triggered, granting unauthorized access to system files. The issue is reported with CVSS data indicating ...

9.8CVSS9.7AI score0.01886EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/06/23 6:5 a.m.23 views

CVE-2020-12782 Openfind MailGates - Command Injection

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files...

9.8CVSS9.7AI score0.01886EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/20 4:16 a.m.23 views

CVE-2019-15073 Openfind MAIL2000 Webmail Pre-Auth Open Redirect

An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...

6.2AI score0.01126EPSS
Exploits0References6
CNVD
CNVD
added 2019/11/20 12:0 a.m.4 views

Openfind Mail2000 /cgi-bin/go page cross-site scripting vulnerability

Openfind Mail2000 is a Web-based e-mail system. A cross-site scripting vulnerability exists in the /cgi-bin/go page in Openfind MAIL2000 versions 6.0 and earlier and 7.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker c...

6.1CVSS6.3AI score0.01628EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/20 12:0 a.m.6 views

Openfind Mail2000 Open Redirect Vulnerability

Openfind Mail2000 is a Web-based e-mail system. An input validation error vulnerability exists in the '/cgi-bin/go' page in Openfind Mail2000 versions 6.0 and earlier and 7.0 and earlier. The vulnerability stems from a network system or product that does not properly validate incoming data. An...

6.1CVSS6.8AI score0.01126EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/20 12:0 a.m.8 views

Openfind MAIL2000 /cgi-bin/portal Login Function Cross-Site Scripting Vulnerability

Openfind Mail2000 is a Web-based e-mail system. A cross-site scripting vulnerability exists in the login function of /cgi-bin/portal in Openfind Mail2000 versions 6.0 and earlier and 7.0 and earlier. The vulnerability stems from a lack of proper validation of client data by the WEB application. A...

6.1CVSS6.4AI score0.01516EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/20 12:0 a.m.4 views

Openfind Mail2000 Cross-Site Scripting Vulnerability

Openfind Mail2000 is a Web-based e-mail system. A cross-site scripting vulnerability exists in Webmail in Openfind Mail2000 v6. The vulnerability stems from a lack of proper validation of client data by the web application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.4AI score0.01214EPSS
Exploits1References1
OSV
OSV
added 2019/06/19 6:15 p.m.4 views

CVE-2019-9763

An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an 'object data="data:text/html' substring in an e-mail message The vendor subsequently patched this...

6.1CVSS5.8AI score0.01214EPSS
Exploits1References3
NVD
NVD
added 2019/06/19 6:15 p.m.16 views

CVE-2019-9763

An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an 'object data="data:text/html' substring in an e-mail message The vendor subsequently patched this...

6.1CVSS6AI score0.01214EPSS
Exploits1References3
Prion
Prion
added 2019/06/19 6:15 p.m.22 views

Design/Logic Flaw

An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an 'object data="data:text/html' substring in an e-mail message The vendor subsequently patched this...

4.3CVSS6AI score0.01214EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/06/19 5:2 p.m.78 views

CVE-2019-9763

Openfind Mail2000 Webmail (versions 6.0 and 7.0) is affected by a Cross‑Site Scripting vulnerability. The root cause is insufficient validation of client data in Webmail, enabling XSS via an email containing the substring <object data="data:text/html. The vendor subsequently patched this. CVSS...

6.1CVSS6AI score0.01214EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/06/19 5:2 p.m.16 views

CVE-2019-9763

An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an 'object data="data:text/html' substring in an e-mail message The vendor subsequently patched this...

6.1AI score0.01214EPSS
Exploits1References3
Rows per page
Query Builder