CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value...

7.5CVSS7.1AI score0.00636EPSS

Exploits0References1

OSV•added 2021/04/14 11:15 p.m.•1 views

CVE-2021-27180

An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail aka WorldClient. It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user...

6.1CVSS6.3AI score

Exploits0References2

OSV•added 2021/04/14 11:15 p.m.•0 views

CVE-2021-27182

An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail aka WorldClient. It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user...

8.8CVSS5.8AI score0.00857EPSS

Exploits1References2

Prion•added 2021/04/14 11:15 p.m.•14 views

Cross site scripting

4.3CVSS5.9AI score0.00308EPSS

Exploits1References2Affected Software1

CVE•added 2021/04/14 10:26 p.m.•83 views

CVE-2021-27180

MDaemon Webmail (WorldClient) on versions before 20.0.4 has a reflected XSS vulnerability exploitable via a GET request . The flaw can allow an attacker to perform actions with the privileges of the attacked user, with a NETWORK attack vector , UI required , and I/L/C/L/A impacts as described by ...

6.1CVSS5.9AI score0.00308EPSS

Exploits1References2Affected Software1

Gitee•added 2020/03/07 6:1 p.m.•4 views

shadowbroker

This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...

8.5AI score

Exploits0

Gitee•added 2019/11/11 4:11 p.m.•1 views

shadowbroker

This repository, "Cross6/shadowbroker", contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploit modules and tools...

7.1AI score

Exploits0

CNVD•added 2019/07/23 12:0 a.m.•1 views

MDaemon Webmail Cross-Site Request Forgery Vulnerability

MDaemon Technologies MDaemon Webmail formerly known as WorldClient is a Web-based e-mail client for MDaemon Email Server from MDaemon Technologies. A cross-site request forgery vulnerability exists in MDaemon Webmail. The vulnerability stems from a WEB application that does not adequately validat...

8.8CVSS6.8AI score0.00194EPSS

Exploits0References1

OSV•added 2019/07/19 5:15 p.m.•0 views

CVE-2018-17792

MDaemon Webmail formerly WorldClient has CSRF...

8.8CVSS5.8AI score0.00194EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by