Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.9 views

CVE-2026-41232

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS5.5AI score0.00231EPSS
Exploits1References1
NVD
NVD
added 2026/04/23 5:16 a.m.8 views

CVE-2026-41232

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS0.00231EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/23 3:54 a.m.5 views

CVE-2026-41232 Froxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email Spoofing

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS5.8AI score0.00231EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/23 3:54 a.m.7 views

EUVD-2026-25186

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS5.8AI score0.00231EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 3:54 a.m.8 views

CVE-2026-41232

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS5.8AI score0.00231EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.9 views

PT-2026-34637

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS5.8AI score0.00231EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

Froxlor 安全漏洞

Froxlor is a set of lightweight server management software developed by the Froxlor team. Versions of Froxlor prior to 2.3.6 contained security vulnerabilities. These vulnerabilities stemmed from incorrect array indexing used in the domain ownership verification process within EmailSender::add. A...

5CVSS5.8AI score0.00231EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/16 12:47 a.m.6 views

Incorrect Authorization

Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Incorrect Authorization in the add process of the EmailSender component due to improper domain ownership validation. An attacker can impersonate users on domains belonging to other...

5.3CVSS5.8AI score0.00231EPSS
Exploits1References2
Rows per page
Query Builder