Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxmox proxmox mail gateway - vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-43320
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated malicious user to escalate privileges via bypassing the two-factor authentication component.
Proxmox Backup Server
Proxmox Proxmox Mail Gateway
Proxmox Virtual Environment
7.1
CVSSv3
CVE-2022-35507
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote malicious user to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This ...
Proxmox Proxmox Mail Gateway -
Proxmox Pve Http Server
Proxmox Virtual Environment -
9.8
CVSSv3
CVE-2022-35508
Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the...
Proxmox Proxmox Mail Gateway -
Proxmox Pve Http Server
Proxmox Virtual Environment -
6.1
CVSSv3
CVE-2015-9057
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote malicious users to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/white...
Proxmox Proxmox Mail Gateway
6.1
CVSSv3
CVE-2015-9058
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.
Proxmox Proxmox Mail Gateway
NA
CVE-2014-2325
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to 3.1-5829 allow remote malicious users to inject arbitrary web script or HTML via the (1) state parameter to objects/who/index.htm or (2) User email address to quarantine/spam/manage.htm.
Proxmox Mail Gateway 3.1-5670
Proxmox Mail Gateway
Proxmox Mail Gateway 3.1-5673
Proxmox Mail Gateway 3.0
Proxmox Mail Gateway 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started