Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securenvoy vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-7702
SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization.
Securenvoy Securmail
1 EDB exploit
4
CVSSv2
CVE-2018-7706
Directory traversal vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. (dot dot) in the option2 parameter in an attachment action to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
4.3
CVSSv2
CVE-2018-7707
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to inject arbitrary web script or HTML via an HTML-formatted e-mail message.
Securenvoy Securmail
1 EDB exploit
5.5
CVSSv2
CVE-2018-7705
Directory traversal vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. (dot dot) in the filename parameter to secupload2/upload.aspx.
Securenvoy Securmail
1 EDB exploit
5.8
CVSSv2
CVE-2018-7701
Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnvoy SecurMail prior to 9.2.501 allow remote malicious users to hijack the authentication of arbitrary users for requests that (1) delete e-mail messages via a delete action in a request to secmail/getmessage.exe...
Securenvoy Securmail
1 EDB exploit
4.3
CVSSv2
CVE-2018-7703
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
4
CVSSv2
CVE-2018-7704
SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
9.3
CVSSv2
CVE-2020-13376
SecurEnvoy SecurMail 9.3.503 allows malicious users to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.
Securenvoy Securmail 9.3.503
1.9
CVSSv2
CVE-2018-18466
An issue exists in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this as a vuln...
Securenvoy Securaccess 9.3.502
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started