Lucene search
K

30 matches found

CVE
CVE
added 2015/06/02 2:0 p.m.58 views

CVE-2014-8391

CVE-2014-8391 (and CVE-2014-0999) affect Sendio ESP prior to version 7.2.4. The Web interface mishandles sessions, allowing remote authenticated users to access other users’ session data and, in one variant, to disclose session identifiers via URLs in HTTP traffic and similar responses. Two infor...

4CVSS5.6AI score0.05462EPSS
Exploits5References5Affected Software1
CVE
CVE
added 2015/06/02 2:0 p.m.57 views

CVE-2014-0999

Sendio ESP is affected by CVE-2014-0999 (and CVE-2014-8391) in versions prior to 7.2.4. The issue arises from including the session cookie (jsessionid) in web interface URLs, causing the session identifier to be exposed via the Referrer header when accessing email content. This enables potential ...

5CVSS6.2AI score0.06651EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2015/06/02 2:0 p.m.39 views

CVE-2014-0999

Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Referrer HTTP header...

6.1AI score0.06651EPSS
Exploits5References5
Cvelist
Cvelist
added 2015/06/02 2:0 p.m.34 views

CVE-2014-8391

The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of requests...

5.6AI score0.05462EPSS
Exploits5References5
0day.today
0day.today
added 2015/05/27 12:0 a.m.61 views

Sendio ESP Information Disclosure Vulnerability

Exploit for jsp platform in category web applications 1. Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of...

5CVSS6.5AI score0.06651EPSS
Exploits6
exploitpack
exploitpack
added 2015/05/26 12:0 a.m.94 views

Sendio ESP - Information Disclosure

Sendio ESP - Information Disclosure 1. Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update:...

5CVSS6.3AI score0.06651EPSS
Exploits6
Exploit DB
Exploit DB
added 2015/05/26 12:0 a.m.57 views

Sendio ESP - Information Disclosure

Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio...

5CVSS6.4AI score0.06651EPSS
Exploits6
ThreatPost
ThreatPost
added 2015/05/22 12:1 p.m.11 views

Sendio Email Security Platform Vulnerability Patch

Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product. Researchers at Core Security Technologies reported the vulnerabilities March 26 to Sendio, along with a proof of concept that triggers th...

7.5AI score
Exploits0References2
Core Security
Core Security
added 2015/05/22 12:0 a.m.545 views

Sendio ESP Information Disclosure Vulnerability

1. Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio Release mode: Coordinated release 2. Vulnerability Information Class: OWASP Top Ten 2013...

5CVSS6.2AI score0.06651EPSS
Exploits6
Packet Storm
Packet Storm
added 2015/05/22 12:0 a.m.61 views

Sendio ESP Information Disclosure

Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio...

5CVSS6.5AI score0.06651EPSS
Exploits6
Rows per page
Query Builder