Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altn mdaemon vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-29975
An Authenticated Reflected Cross-site scripting at CC Parameter exists in MDaemon prior to 22.0.0 .
Altn Mdaemon
5.4
CVSSv3
CVE-2022-29976
An Authenticated Reflected Cross-site scripting at BCC Parameter exists in MDaemon prior to 22.0.0 .
Altn Mdaemon
8.8
CVSSv3
CVE-2021-27182
An issue exists in MDaemon prior to 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an malicious user to perform any action with the privileges of the attacked user.
Altn Mdaemon
1 Github repository
6.1
CVSSv3
CVE-2019-8983
MDaemon Webmail 14.x up to and including 18.x prior to 18.5.2 has XSS (issue 1 of 2).
Altn Mdaemon
6.1
CVSSv3
CVE-2019-8984
MDaemon Webmail 14.x up to and including 18.x prior to 18.5.2 has XSS (issue 2 of 2).
Altn Mdaemon
8.8
CVSSv3
CVE-2021-27181
An issue exists in MDaemon prior to 20.0.4. Remote Administration allows an malicious user to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the applic...
Altn Mdaemon
1 Github repository
6.1
CVSSv3
CVE-2021-27180
An issue exists in MDaemon prior to 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user.
Altn Mdaemon
1 Github repository
7.2
CVSSv3
CVE-2021-27183
An issue exists in MDaemon prior to 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may...
Altn Mdaemon
1 Github repository
NA
CVE-2008-2631
The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted HTTP POST request. NOTE: the provenance of this information is unknown; the details are obtained ...
Altn Mdaemon
1 EDB exploit
5.4
CVSSv3
CVE-2020-18723
Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an malicious user to execute code on the email recipient side while forwarding an email to perform potentially malicious activities.
Altn Mdaemon Webmail
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »