52 matches found
EUVD-2024-46843
Malicious code in bioql PyPI...
EUVD-2023-28825
Malicious code in bioql PyPI...
CVE-2024-5670
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2024-5670
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
CVE-2024-5670
Summary (CVE-2024-5670) : The web services of Softnext’s Mail SQR Expert and Mail Archiving Expert fail to validate user input, enabling unauthenticated remote attackers to inject and execute arbitrary OS commands on the remote server. This is described across multiple sources as an OS command in...
CVE-2024-5670 Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server...
PT-2024-37010 · Softnext · Softnext Mail Archiving Expert +1
Name of the Vulnerable Software and Affected Versions: Softnext Mail SQR Expert affected versions not specified Softnext Mail Archiving Expert affected versions not specified Description: The web services of Softnext's products do not properly validate user input, allowing unauthenticated remote...
Softnext Mail SQR Expert and Mail Archiving Expert 操作系统命令注入漏洞
Softnext Mail SQR Expert and Mail Archiving Expert is an email management platform from the Chinese company Softnext Mail. Softnext Mail SQR Expert and Mail Archiving Expert suffers from an operating system command injection vulnerability that originates from the web service not properly validati...
CVE-2023-48380
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...
CVE-2023-48380
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...
CVE-2023-48382
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48381
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
CVE-2023-48381
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
CVE-2023-48382
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
Design/Logic Flaw
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
Command injection
Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...
Design/Logic Flaw
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48382
The CVE-2023-48382 entry concerns Softnext Mail SQR Expert with a Local File Inclusion (LFI) vulnerability in a mail delivery URL. An unauthenticated attacker can exploit this to execute arbitrary PHP files with a .asp extension in certain system paths and access/modify partial system information...
CVE-2023-48382 Softnext Mail SQR Expert - Local File Inclusion-2
Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...