3 matches found
CVE-2013-6829
CVE-2013-6829 describes a remote command injection in PineApp Mail-SeCure via the admin/confnetworking.html interface. The vulnerability allows an attacker to append shell metacharacters in the pinghost parameter during a ping operation, leading to arbitrary command execution on the remote host. ...
CVE-2013-6828
CVE-2013-6828 : The connected sources confirm a remote authentication-bypass vulnerability in PineApp Mail-SeCure, where accessing the admin/management.html page allows bypassing authentication and performing a sys_usermng operation via the it parameter. Affected component: admin interface of Pin...
CVE-2013-6827
CVE-2013-6827 affects PineApp Mail-SeCure appliances, with an absolute path traversal in the admin/viewmsg.php endpoint. The vulnerability allows an attacker to read arbitrary files by supplying a full pathname in the msg parameter. The issue is confirmed by multiple feeds in the connected docume...