17 matches found
EUVD-2018-18313
Malware in sbrugna...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...
CVE-2018-6563
Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...
CVE-2018-6563
The CVE-2018-6563 entry describes a CSRF vulnerability in totemomail Encryption Gateway prior to 6.0.0_Build_371, caused by missing anti-CSRF tokens. This allows remote attackers to hijack user authentication for requests that change settings, send emails, or modify contact information. Affected ...
CVE-2018-6563
Multiple cross-site request forgery CSRF vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that 1 change user settings, 2 send emails, or 3 change contact information by leveraging lack of an anti-CSRF...
totemomail Encryption Gateway Cross-Site Request Forgery Vulnerability
totemomail Encryption Gateway is a gateway for email encryption. A cross-site request forgery vulnerability exists in versions prior to totemomail Encryption Gateway 6.0.0Build371. A remote attacker can exploit this vulnerability to change user settings, send emails, or change contact information...
CVE-2018-6562
totemomail Encryption Gateway before 6.0b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack...
CVE-2018-6562
The CVE-2018-6562 entry concerns totemomail Encryption Gateway prior to 6.0_b567, where a JSONP hijacking vulnerability allows remote attackers to obtain sensitive information about user sessions and encryption key material. Public sources describe this as a remote, web-facing information-disclos...
CVE-2018-6562
totemomail Encryption Gateway before 6.0b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack...
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery
Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy communication partners or with those who have neither an appropriate...
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy communication partners or...
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery
totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy...
Totemomail Encryption Gateway 6.0.0_Build_371 JSONP Hijacking
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: totemomail Encryption Gateway Vendor: totemo AG CSNC ID: CSNC-2018-002 CVE ID: CVE-2018-6562 Subject: JSONP hijacking Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 14.05.2018...
Totemomail Encryption Gateway 6.0.0_Build_371 Cross Site Request Forgery
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: totemomail Encryption Gateway Vendor: totemo AG CSNC ID: CSNC-2018-003 CVE ID: CVE-2018-6563 Subject: Cross-Site Request Forgery Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 14.05.20...
Totemomail 4.x/5.x - Persistent Cross-Site Scripting
Document Title: =============== Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1769 Release Date: ============= 2016-04-08 Vulnerability Laboratory ID VL-ID:...
Totemomail 4.x / 5.x - Persistent Cross-Site Scripting
Exploit for jsp platform in category web applications Document Title: =============== Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability Product & Service Introduction: =============================== totemomail® Encryption Gateway protects your email communication with customers a...
Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability
Document Title: =============== Totemomail v4.x & v5.x - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1769 Release Date: ============= 2016-04-07 Vulnerability Laboratory ID VL-ID: ====================================...