19 matches found
CVE-2026-40846
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40818
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40811
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
EUVD-2026-32119
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files mb24configetTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-33616
An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-33616
An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-32969 Pre-Auth Blind SQLi in userinfo Endpoint
An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
Security update for alpine (moderate)
openSUSE Security Update: Security update for alpine Announcement ID: openSUSE-SU-2021:0695-1 Rating: moderate References: 1173281 Cross-References: CVE-2020-14929 CVSS scores: CVE-2020-14929 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-14929 SUSE: 7.5...
Marketing Development Script SQL Injection Vulnerability
Marketing Development Script suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data. Exploit Title; Marketing Development Script SQL Injection Vulnerability Date; 3/12/12 Author; 3spi0n Script Vendor or Software Link; http://www.marketingdev.com/...
Marketing Development Script SQL Injection
Exploit Title; Marketing Development Script SQL Injection Vulnerability Date; 3/12/12 Author; 3spi0n Script Vendor or Software Link; http://www.marketingdev.com/ Category; Webapps Type; SQL Injection MySQLi Tested on; Ubuntu 12.10 / Win7 / Backtrack 5 Demo Analyzing ;...
MailEnable IMAP Server multiple security vulnerabilities
Buffer overflow in EXAMINE, SELECT, DELETE commands...
CVE-2006-6290
Multiple stack-based buffer overflows in the IMAP module MEIMAPS.EXE in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary...
Mercur MailServer 5.0 SP3 - 'IMAP' Denial of Service
/ Exploit for : IMAP 5.0 SP3 DoS Exploit Advisory : http://secunia.com/advisories/19267/ Coder : Omnipresent Email : [email protected] Description : Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by malicious people and by malicious users to cause a...
PHPNukeEV77.txt
PHPNuke EV 7.7 'search' module 'query' variable SQL injection Vendor url: http://nukevolution.com/ exploit available:yes vendor notify:yes advisore:http://lostmon.blogspot.com/2006/01/ phpnuke-ev-77-search-module-query.html PHPNuke EV 7.7 have a flaw which can be exploited by malicious people to...
CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command...
CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command...
CVE-2004-2513
Buffer overflow in the IMAP service of Mercury Pegasus Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command...
CVE-2005-1254
Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service crash via a SELECT command with a large argument...
DoS против MDaemon (imap buffer overflow)
Переполнение буфера в команде Select пользователь должен быть авторизован...