CVE-2026-44400 MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

EUVD-2003-1453

Malware in sbrugna...

EUVD-2013-5766

Malware in sbrugna...

EUVD-2022-15498

Malicious code in bioql PyPI...

CVE-2019-15516

Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring...

CVE-2022-3696

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...

CVE-2022-0331

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older...

Sophos Cyberoam OS SQL Injection Vulnerability

Sophos Cyberoam OS is an operating system for Cyberoam devices from Sophos, USA. A SQL injection vulnerability exists in Sophos Cyberoam OS version 2020-12-04, which stems from a SQL injection vulnerability in WebAdmin that can be exploited by an attacker to remotely execute arbitrary SQL...

Sophos Cyberoam OS SQL注入漏洞

Sophos Cyberoam OS is an operating system for Cyberoam devices from Sophos, USA. A SQL injection vulnerability exists in Sophos Cyberoam OS version 2020-12-04, which stems from a SQL injection vulnerability in WebAdmin that can be exploited by an attacker to remotely execute arbitrary SQL...

IBM WebSphere Message Broker Information Disclosure Vulnerability (CNVD-2016-11964)

IBM WebSphere Message Broker now known as IBM Integration Bus is an enterprise service bus ESB product from IBM, USA. The product provides connectivity and common data transformations for Service Oriented Architecture SOA environments and non-SOA environments. A security vulnerability exists in...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

CVE-2011-2222

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors...

CVE-2004-2369

Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. dot dot in the directory creation command...

Path disclosure and file access on WebAdmin

WebAdmin is a web application to administer MDaemon and RelayFax. It can be run on its own or as an ISAPI application under Microsoft Internet Information Services IIS. MDaemon is an e-mail server for Microsoft Windows. RelayFax is a fax server also for Microsoft Windows. Both applications have...