Lucene search
+L
SoftnextMail Sqr Expert

7 matches found

CVE
CVE
added 2022/10/31 6:40 a.m.54 views

CVE-2022-40741

CVE-2022-40741 affects Softnext Technologies’ Mail SQR Expert. The connected records describe a command injection vulnerability in a specific Mail SQR Expert function due to insufficient filtering for special characters. An unauthenticated remote attacker could exploit this to execute arbitrary s...

9.8CVSS9.8AI score0.01076EPSS
CVE
CVE
added 2023/12/15 8:12 a.m.47 views

CVE-2023-48380

The CVE-2023-48380 entry concerns Softnext Mail SQR Expert, an email management platform. The vulnerability arises from insufficient filtering of a special character within a specific function, enabling an adjacent-authenticated remote attacker to perform command injections and execute arbitrary ...

8CVSS8.1AI score0.00675EPSS
CVE
CVE
added 2023/12/15 8:19 a.m.47 views

CVE-2023-48381

CVE-2023-48381 relates to Softnext Mail SQR Expert, an email management platform, with a Local File Inclusion (LFI) flaw exposed via a special URL. The vulnerability lets an unauthenticated attacker cause the execution of arbitrary PHP files with a “.asp” extension under specific system paths, en...

6.5CVSS6.7AI score0.00617EPSS
CVE
CVE
added 2022/10/31 6:40 a.m.46 views

CVE-2022-40742

CVE-2022-40742 concerns Softnext Technologies Mail SQR Expert system (Mail SQR Expert) with a Local File Inclusion vulnerability. An unauthenticated attacker can exploit it to cause the execution of arbitrary PHP files with a .asp extension under specific system paths, enabling access and partial...

6.5CVSS6.7AI score0.00618EPSS
CVE
CVE
added 2023/12/15 8:5 a.m.45 views

CVE-2023-48379

CVE-2023-48379 affects Softnext Mail SQR Expert. The vulnerability arises from inadequate filtering of a specific URL parameter within a specific function, enabling an unauthenticated remote attacker to perform a Blind SSRF and infer internal network topology from URL error responses. Reported ac...

5.3CVSS5.4AI score0.00596EPSS
CVE
CVE
added 2023/12/15 8:24 a.m.40 views

CVE-2023-48382

The CVE-2023-48382 entry concerns Softnext Mail SQR Expert with a Local File Inclusion (LFI) vulnerability in a mail delivery URL. An unauthenticated attacker can exploit this to execute arbitrary PHP files with a .asp extension in certain system paths and access/modify partial system information...

6.5CVSS6.7AI score0.00617EPSS
CVE
CVE
added 2023/12/15 8:1 a.m.38 views

CVE-2023-48378

CVE-2023-48378 concerns Softnext Mail SQR Expert, where a path traversal flaw in a URL parameter allows an unauthenticated remote attacker to bypass authentication and download arbitrary system files. The vulnerability is described with CVSS v3.1 base score 7.5 (High) and network attack vector wi...

7.5CVSS7.8AI score0.01314EPSS