75 matches found
EUVD-2008-5704
Malware in sbrugna...
EUVD-2007-2056
Malware in sbrugna...
EUVD-2007-5270
Malware in sbrugna...
CVE-2021-26293
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files such as an executable file under the web root. This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x...
CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
CVE-2019-19129
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name...
VulnCheck KEV: CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
Malicious code in aurora-webmail-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b196e5cdd7ecb9e38cd0eb47dfc5a3b78a6533ffeb8c52c9f43722b3f398a983 The OpenSSF Package Analysis project identified 'aurora-webmail-pro' @ 10.1.0 npm as malicious. It is considered malicious because: - The packag...
AfterLogic 多个安全漏洞(CVE-2021-26292 CVE-2021-26293 CVE-2021-26294)
CVE-2021-26292 - Public Full Path Disclosure on AfterLogic Aurora & WebMail Pro WebDAV EndPoint The severity of the issue: Medium Complexity: Easy Affected Products: AfterLogic Aurora, AfterLogic WebMail PRO Authentication: Not required Attacks: Full Path Disclosure Resources : -...
CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
Directory traversal
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
CVE-2021-26294
CVE-2021-26294 affects AfterLogic Aurora and WebMail Pro up to version 7.7.9. It is a directory traversal vulnerability in WebDAV endpoints (dav/server.php) that allows unauthenticated attackers to read arbitrary files (e.g., data/settings/settings.xml) by using crafted paths such as ../..//dav/s...
CVE-2021-26294
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files such as a data/settings/settings.xml file containing admin panel credentials, as demonstrated by dav/server.php/files/personal/%2e%2e when using the...
Aurora 路径遍历漏洞
Afterlogic Aurora is a set of U.S. Afterlogic Inc. using PHP language written in the enterprise mail server platform. The platform includes features such as e-mail, file storage and address book management. A path traversal vulnerability exists in AfterLogic Aurora through 7.7.9 and WebMail Pro...
CVE-2021-26293
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files such as an executable file under the web root. This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x...
CVE-2021-26293
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files such as an executable file under the web root. This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x...
Directory traversal
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files such as an executable file under the web root. This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x...
CVE-2021-26293
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files such as an executable file under the web root. This is related to DAVServer.php in 8.x and DAV/Server.php in 7.x...
CVE-2021-26293
CVE-2021-26293 affects AfterLogic Aurora and WebMail Pro (DAV enabled). The vulnerability stems from directory traversal in the WebDAV handling (DAVServer.php/DAV/Server.php) that allows creating files under the web root, enabling potential remote code execution via uploaded files. Severity is hi...