Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.8 views

CVE-2026-40871

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS6.1AI score0.09874EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 8:17 p.m.4 views

CVE-2026-40871

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS0.09874EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 7:12 p.m.30 views

CVE-2026-40871 mailcow: dockerized vulnerable to Second Order SQL Injection in quarantine category via API

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS0.09874EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/21 7:12 p.m.7 views

CVE-2026-40871 mailcow: dockerized vulnerable to Second Order SQL Injection in quarantine category via API

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS5.9AI score0.09874EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 7:12 p.m.6 views

EUVD-2026-24253

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS5.9AI score0.09874EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 7:12 p.m.13 views

CVE-2026-40871

CVE-2026-40871 affects the mailcow: dockerized project. Versions prior to 2026-03b are vulnerable to a second-order SQL injection in the quarantine_category field exposed via the Mailcow API, specifically at the /api/v1/add/mailbox endpoint. The input is stored without validation and later used b...

7.2CVSS6.2AI score0.09874EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.7 views

mailcow: dockerized 安全漏洞

mailcow: dockerized is a Dockerized version of the mailcow open-source application. Versions before 2026-03b of mailcow have security vulnerabilities; these vulnerabilities stem from a second-level SQL injection in the quarantinecategory field, which may allow arbitrary SQL executions and the...

7.2CVSS6.2AI score0.09874EPSS
Exploits0References1
Rows per page
Query Builder