19 matches found
CVE-2026-44400
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
EUVD-2026-28827
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
CVE-2026-44400
MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...
PT-2026-39194
Name of the Vulnerable Software and Affected Versions MailEnable Enterprise Premium versions prior to 10.56 Description Improper authorization in the WebAdmin mobile portal allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. ...
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
Netsweeper WebAdmin Portal Multiple Vulnerabilities
No description provided by source...
Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection
Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and SQL Injection "The later"\ Date: Discovered and reported CSRF and XSS 4/2012 and "The later" 7/2012\ Author: Jacob Holcomb/Gimppy042\ Software Link: Netsweeper Inc. - Netsweeper Internet Filter www.netsweeper.com\ CVE :...
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and SQL Injection "The later"\ Date: Discovered and reported CSRF and XSS 4/2012 and "The later" 7/2012\ Author: Jacob Holcomb/Gimppy042\ Software Link: Netsweeper Inc. - Netsweeper Internet Filter www.netsweeper.com\ CVE :...
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
Cross site scripting
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...
CVE-2012-2447
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
Design/Logic Flaw
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
CVE-2012-2446
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...
CVE-2012-2446
CVE-2012-2446 is a real XSS vulnerability in Netsweeper’s WebAdmin Portal. The issue affects the WebAdmin Portal’s tools/local_lookup.php, where the group parameter in a lookup action can be exploited to inject arbitrary web script or HTML remotely. The root cause is an inadequate input validatio...
CVE-2012-3859
CVE-2012-3859 is identified in the connected documents as a SQL Injection vulnerability affecting the Netsweeper WebAdmin Portal. The Red Hat entry describes it as an unspecified vulnerability with unknown impact, and the exploit references (Exploit-DB/PacketStorm) associate this CVE with a SQL I...
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447...
CVE-2012-2447
Cross-site request forgery CSRF vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action...
CVE-2012-2446
Cross-site scripting XSS vulnerability in tools/locallookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action...