Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19419

Malware in sbrugna...

6.1CVSS6.7AI score0.04158EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-19423

Malware in sbrugna...

6.1CVSS6.7AI score0.02736EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2025/05/22 3:48 p.m.7 views

CVE-2020-13376

SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie...

9.3CVSS7.1AI score0.03507EPSS
Exploits1
NVD
NVD
added 2020/08/07 8:15 p.m.31 views

CVE-2020-13376

SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie...

9.3CVSS9.1AI score0.03507EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/08/07 7:3 p.m.27 views

CVE-2020-13376

SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie...

9.1AI score0.03507EPSS
Exploits1References2
NVD
NVD
added 2018/03/15 1:29 a.m.11 views

CVE-2018-7706

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. dot dot in the option2 parameter in an attachment action to secmail/getmessage.exe...

6.5CVSS6.1AI score0.0708EPSS
Exploits5References3
NVD
NVD
added 2018/03/15 1:29 a.m.15 views

CVE-2018-7704

SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe...

6.5CVSS6.2AI score0.04885EPSS
Exploits5References3
OSV
OSV
added 2018/03/15 1:29 a.m.5 views

CVE-2018-7701

Multiple cross-site request forgery CSRF vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 delete e-mail messages via a delete action in a request to secmail/getmessage.exe or 2 spoof arbitrary users a...

6.5CVSS5.8AI score0.0307EPSS
Exploits5References3
NVD
NVD
added 2018/03/15 1:29 a.m.17 views

CVE-2018-7705

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. dot dot in the filename parameter to secupload2/upload.aspx...

8.1CVSS7.6AI score0.06321EPSS
Exploits5References3
NVD
NVD
added 2018/03/15 1:29 a.m.17 views

CVE-2018-7702

SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization...

9.1CVSS9.3AI score0.14717EPSS
Exploits4References3
NVD
NVD
added 2018/03/15 1:29 a.m.23 views

CVE-2018-7701

Multiple cross-site request forgery CSRF vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 delete e-mail messages via a delete action in a request to secmail/getmessage.exe or 2 spoof arbitrary users a...

6.5CVSS6.8AI score0.0307EPSS
Exploits5References3
Prion
Prion
added 2018/03/15 1:29 a.m.13 views

Directory traversal

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. dot dot in the option2 parameter in an attachment action to secmail/getmessage.exe...

4CVSS6.6AI score0.0708EPSS
Exploits5References3Affected Software1
Prion
Prion
added 2018/03/15 1:29 a.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 delete e-mail messages via a delete action in a request to secmail/getmessage.exe or 2 spoof arbitrary users a...

5.8CVSS7.5AI score0.0307EPSS
Exploits5References3Affected Software1
Prion
Prion
added 2018/03/15 1:29 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe...

4.3CVSS6.2AI score0.04158EPSS
Exploits5References3Affected Software1
Prion
Prion
added 2018/03/15 1:29 a.m.15 views

Directory traversal

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. dot dot in the filename parameter to secupload2/upload.aspx...

5.5CVSS7.8AI score0.06321EPSS
Exploits5References3Affected Software1
Prion
Prion
added 2018/03/15 1:29 a.m.9 views

Authorization

SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization...

6.4CVSS9.3AI score0.14717EPSS
Exploits4References3Affected Software1
CNVD
CNVD
added 2018/03/15 12:0 a.m.1 views

SecurEnvoy SecurMail Cross-Site Scripting Vulnerability (CNVD-2018-06275)

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A cross-site scripting vulnerability exists in versions of SecurEnvoy SecurMail prior to 9.2.501. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via HTML formatted email messages...

6.1CVSS5.9AI score0.02736EPSS
Exploits5References1
CNVD
CNVD
added 2018/03/15 12:0 a.m.5 views

SecurEnvoy SecurMail Cross-Site Request Forgery Vulnerability

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A cross-site request forgery vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can exploit this vulnerability by sending requests to the files secmail/getmessage.exe and...

6.5CVSS7AI score0.0307EPSS
Exploits5References1
CNVD
CNVD
added 2018/03/15 12:0 a.m.11 views

SecurEnvoy SecurMail Cross-Site Scripting Vulnerability

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A cross-site scripting vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can exploit this vulnerability by sending the 'mailboxid' parameter to the secmail/getmessage.exe file to inject...

6.1CVSS6.2AI score0.04158EPSS
Exploits5References1
Cvelist
Cvelist
added 2018/03/14 8:0 p.m.18 views

CVE-2018-7705

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. dot dot in the filename parameter to secupload2/upload.aspx...

7.9AI score0.06321EPSS
Exploits5References3
Rows per page
Query Builder