139 matches found
CVE-2021-36720
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=alert1 and stealing cookies...
CVE-2021-36719
PineApp - Mail Secure - The attacker must be logged in as a user to the Pineapp system. The attacker exploits the vulnerable nicUpload.php file to upload a malicious file,Thus taking over the server and running remote code...
CVE-2021-36719
PineApp - Mail Secure - The attacker must be logged in as a user to the Pineapp system. The attacker exploits the vulnerable nicUpload.php file to upload a malicious file,Thus taking over the server and running remote code...
CVE-2021-36720
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=alert1 and stealing cookies...
Design/Logic Flaw
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=alert1 and stealing cookies...
Code injection
PineApp - Mail Secure - The attacker must be logged in as a user to the Pineapp system. The attacker exploits the vulnerable nicUpload.php file to upload a malicious file,Thus taking over the server and running remote code...
CVE-2021-36719
CVE-2021-36719 refers to PineApp - Mail Secure. The root cause is a vulnerability in the vulnerable nicUpload.php file that allows an authenticated user to upload a malicious file, leading to remote code execution and server takeover. Affected product: PineApp - Mail Secure (user-authenticated co...
CVE-2021-36719 Cybonet - PineApp
PineApp - Mail Secure - The attacker must be logged in as a user to the Pineapp system. The attacker exploits the vulnerable nicUpload.php file to upload a malicious file,Thus taking over the server and running remote code...
CVE-2021-36720
PineApp - Mail Secure contains a cross-site scripting (XSS) vulnerability in the /blocking.php?url= parameter that allows injection of arbitrary script code (e.g., ). This can lead to cookie theft and related session information exposure as described in multiple sources. The vulnerability is tied...
CVE-2021-36720 Cybonet - PineApp
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=alert1 and stealing cookies...
Cybonet PineApp Mail Secure 跨站脚本漏洞
Cybonet PineApp Mail Secure from Cybonet Israel blocks most malicious email threats at the network perimeter while providing a range of additional options for comprehensive security and message control. Cybonet PineApp Mail Secure suffers from a cross-site scripting vulnerability that originates ...
Cybonet PineApp Mail Secure 代码问题漏洞
Cybonet PineApp Mail Secure from Israel's Cybonet blocks most malicious email threats at the network perimeter while providing a range of additional options for comprehensive security and message control. Cybonet PineApp Mail Secure suffers from a code issue vulnerability that stems from an...
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
PinApp Mail-SeCure 3.70 - Access Control Failure
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...
PineApp MailSecure - Remote Command Execution
No description provided by source...
Pineapp MailSecure code execution
Code execution via web interface...
pineapp mailsecure remote no authenticated privilege escalation & remote execution code
Hi, related this: http://seclists.org/fulldisclosure/2013/Nov/136 In February 2013 I send Pineapp the following information: ----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https...
PineApp Mail-SeCure Absolute Path Traversal Vulnerability
PineApp Mail-SeCure appliance is prone to absolute path traversal vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...