Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Totemomail Security Vulnerabilities

cve
cve

CVE-2018-15510

Cross-site scripting (XSS) vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS

6AI Score

0.001EPSS

2019-08-30 09:15 AM
17
cve
cve

CVE-2018-15511

Cross-site scripting (XSS) vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS

6AI Score

0.001EPSS

2019-08-30 09:15 AM
24
cve
cve

CVE-2018-15512

Cross-site scripting (XSS) vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS

6AI Score

0.001EPSS

2019-08-30 09:15 AM
20
cve
cve

CVE-2018-15513

Log viewer in totemomail 6.0.0 build 570 allows access to sessionIDs of high privileged users by leveraging access to a read-only auditor role.

5.3CVSS

5AI Score

0.001EPSS

2019-08-30 09:15 AM
19
cve
cve

CVE-2020-7918

An insecure direct object reference in webmail in totemo totemomail 7.0.0 allows an authenticated remote user to read and modify mail folder names of other users via enumeration.

5.4CVSS

5.3AI Score

0.001EPSS

2020-03-27 02:15 PM
87