27 matches found
EUVD-2014-2687
Malware in sbrugna...
EUVD-2012-0838
Malware in sbrugna...
SUSE CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
SUSE CVE-2014-2655
SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...
Postfix Admin Cross-Site Scripting Vulnerability (CNVD-2020-02708)
Postfix Admin is a web interface for configuring and managing Postfix-based email servers. A cross-site scripting vulnerability exists in Postfix Admin version 2.3.4. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the...
Postfix Admin Security Bypass Vulnerability
Postfix Admin is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Postfix Admin Detection
Detection of Postfix Admin The script sends a HTTP connection request to the server and attempts to detect the presence of Postfix Admin and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...
Postfix Admin Cross-Site Request Forgery Vulnerability
Postfix Admin is a web-based administration tool for Postfix mail delivery servers. Postfix Admin provides different configuration operations via HTTP GET and HTTP POST, these GET and POST operations cause CSRF attacks. Attackers are able to gain access to the administrator session and add...
Postfix Admin 2.93 Cross Site Request Forgery
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Postfix Admin Vendor URL: sourceforge.net/projects/postfixadmin/ Type: Cross-Site Request Forgery CWE-253 Date found: 2016-04-23 Date published: 2016-05-21 CVSSv3 Score: 4.6...
DEBIAN-CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
Sql injection
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
CVE-2012-0811
CVE-2012-0811 affects PostfixAdmin (postfixadmin) prior to 2.3.5. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the pw parameter to the pacrypt function when mysql_encrypt is configured, or via unspecified vectors used in backup.php-generated backups. I...
CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
CVE-2012-0811
Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...
Postfix Admin Detection
Binary data postfixadmindetect.nbin...
CVE-2014-2655
SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...
DEBIAN-CVE-2014-2655
SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...
CVE-2014-2655
SQL injection vulnerability in the genshowstatus function in functions.inc.php in Postfix Admin aka postfixadmin before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...