5 matches found
CVE-2026-23607 GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Anti-Spam Whitelist management interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtDescription parameter to...
CVE-2026-23607
GFI MailEssentials AI (versions before 22.4) contains a stored XSS in the Anti-Spam Whitelist management interface. An authenticated user can submit HTML/JavaScript via ctl00$ContentPlaceHolder1$pv1$txtDescription to /MailEssentials/pages/MailSecurity/Whitelist.aspx, which is stored and later ren...
PT-2026-20887
Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description The software contains a stored cross-site scripting issue in the Anti-Spam Whitelist management interface. A user with valid credentials can inject HTML or JavaScript code into the...
EUVD-2007-0615
Malware in sbrugna...
[Full-disclosure] Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability
Title: ------------------- Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability Vendor Contacted: ------------------- now-ish. Background Info: ------------------- Earthlink TotalAccess Download Site: http://www.earthlink.net/software/free/totalaccess/highspeed/ Description:...