3 matches found
CVE-2022-22794
Cybonet PineApp Mail Relay is affected by an unauthenticated SQL injection vulnerability. The flaw allows an attacker to craft requests to endpoints such as /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1, /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1, /manage/emailrichment/usersun...
CVE-2022-22793
CVE-2022-22793 affects Cybonet PineApp Mail Relay via a Local File Inclusion in the /manage/mailpolicymtm/log/eml_viewer/email.content.body.php endpoint, exploitable by supplying a crafted filesystem_path to read local server files. The issue is documented across multiple sources (NVD/NVD mirror,...
CVE-2023-31183
CVE-2023-31183 affects Cybonet PineApp Mail Secure. A reflected cross-site scripting (XSS) vulnerability identified in the product, involving an unspecified endpoint. The public entries describe the issue but do not specify affected versions, exploit details, or a patch. CVSS 3.1 base score 6.1 (...