Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2019-18378
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable malicious users to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by ...
Symantec Messaging Gateway
7.5
CVSSv2
CVE-2019-18379
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the ...
Symantec Messaging Gateway
NA
CVE-2022-25630
An authenticated user can embed malicious content with XSS into the admin group policy page.
Symantec Messaging Gateway
7.5
CVSSv2
CVE-2018-12242
The Symantec Messaging Gateway product before 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow malicious users to potentially circumvent security mechanisms currently in place and gain access to the system or network.
Symantec Messaging Gateway
4
CVSSv2
CVE-2016-5312
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway prior to 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
Symantec Messaging Gateway
1 EDB exploit
6
CVSSv2
CVE-2017-6325
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using ...
Symantec Messaging Gateway
10
CVSSv2
CVE-2017-6326
The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.
Symantec Messaging Gateway
1 EDB exploit
5.5
CVSSv2
CVE-2017-15532
before 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to ac...
Symantec Messaging Gateway
2.7
CVSSv2
CVE-2019-9699
Symantec Messaging Gateway (before 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
Symantec Messaging Gateway
NA
CVE-2022-25629
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
Symantec Messaging Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »