Communigate Pro Security Vulnerabilities and Issues — Communigate Pro CVE List

Lucene search

StalkerCommunigate Pro

9 matches found

CVE•added 2000/06/02 4:0 a.m.•52 views

CVE-1999-0865

Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.

5CVSS6.8AI score0.00602EPSS

CVE•added 2007/05/16 7:28 p.m.•48 views

CVE-2007-2718

Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags.

4.3CVSS5.7AI score0.28497EPSS

CVE•added 2018/01/08 5:29 a.m.•44 views

CVE-2018-3815

The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source emai...

5.7CVSS5.4AI score0.00238EPSS

CVE•added 2006/01/30 6:3 p.m.•42 views

CVE-2006-0468

CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.

7.5CVSS7.8AI score0.20438EPSS

CVE•added 2000/10/13 4:0 a.m.•35 views

CVE-2000-0634

The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.

5CVSS7.2AI score0.07618EPSS

CVE•added 2007/10/24 11:0 p.m.•35 views

CVE-2003-1481

CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.

5.8CVSS6.7AI score0.02624EPSS

CVE•added 2001/01/22 5:0 a.m.•33 views

CVE-2000-1002

POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.

5CVSS7.1AI score0.04092EPSS

CVE•added 2007/10/31 4:0 p.m.•31 views

CVE-2002-2375

Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more informati...

5CVSS6.8AI score0.0007EPSS

CVE•added 2005/05/02 4:0 a.m.•26 views

CVE-2005-1007

Unknown vulnerability in the LIST functionality in CommuniGate Pro before 4.3c3 allows remote attackers to cause a denial of service (server crash) via certain multipart messages.

5CVSS6.6AI score0.00345EPSS