Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altn mdaemon webmail vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-18723
Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an malicious user to execute code on the email recipient side while forwarding an email to perform potentially malicious activities.
Altn Mdaemon Webmail
5.4
CVSSv3
CVE-2020-18724
Authenticated stored cross-site scripting (XSS) in the contact name field in the distribution list of MDaemon webmail 19.5.5 allows an malicious user to executes code and perform a XSS attack while opening a contact list.
Altn Mdaemon Webmail
8.8
CVSSv3
CVE-2018-17792
MDaemon Webmail (formerly WorldClient) has CSRF.
Altn Mdaemon Webmail 14.0
6.1
CVSSv3
CVE-2019-8983
MDaemon Webmail 14.x up to and including 18.x prior to 18.5.2 has XSS (issue 1 of 2).
Altn Mdaemon
6.1
CVSSv3
CVE-2019-8984
MDaemon Webmail 14.x up to and including 18.x prior to 18.5.2 has XSS (issue 2 of 2).
Altn Mdaemon
6.1
CVSSv3
CVE-2021-27180
An issue exists in MDaemon prior to 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user.
Altn Mdaemon
1 Github repository
8.8
CVSSv3
CVE-2021-27182
An issue exists in MDaemon prior to 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an malicious user to perform any action with the privileges of the attacked user.
Altn Mdaemon
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started