Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pineapp mail-secure - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-6829
admin/confnetworking.html in PineApp Mail-SeCure allows remote malicious users to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation.
Pineapp Mail-secure -
1 EDB exploit
5
CVSSv2
CVE-2013-6827
Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote malicious users to read arbitrary files via a full pathname in the msg parameter.
Pineapp Mail-secure -
6.4
CVSSv2
CVE-2013-6828
admin/management.html in PineApp Mail-SeCure allows remote malicious users to bypass authentication and perform a sys_usermng operation via the it parameter.
Pineapp Mail-secure -
8.5
CVSSv2
CVE-2013-4987
PineApp Mail-SeCure prior to 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.
Pineapp Mail-secure
1 EDB exploit
4.3
CVSSv2
CVE-2021-36720
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=<script>alert(1)</script> and stealing cookies .
Pineapp Mail Secure
7.5
CVSSv2
CVE-2013-6830
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and previous versions on 5099SK and previous versions platforms allows remote malicious users to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation.
Pineapp Mail-secure 5099sk
1 EDB exploit
7.2
CVSSv2
CVE-2013-6831
PineApp Mail-SeCure 3.70 and previous versions on 5099SK and previous versions platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account.
Pineapp Mail-secure 5099sk
1 EDB exploit
5
CVSSv2
CVE-2022-22793
Cybonet - PineApp Mail Relay Local File Inclusion. Attacker can send a request to : /manage/mailpolicymtm/log/eml_viewer/email.content.body.php?filesystem_path=ENCDODED PATH and by doing that, the attacker can read Local Files inside the server.
Cybonet Pineapp Mail Secure -
7.5
CVSSv2
CVE-2022-22794
Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /manage/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/...
Cybonet Pineapp Mail Secure -
NA
CVE-2023-31183
Cybonet PineApp Mail Secure A reflected cross-site scripting (XSS) vulnerability was identified in the product, using an unspecified endpoint.
Cybonet Pineapp Mail Secure
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »