Code injection

SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 delete e-mail messages via a delete action in a request to secmail/getmessage.exe or 2 spoof arbitrary users a...

CVE-2018-7704

SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe...