Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mdaemon mdaemon vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-29976
An Authenticated Reflected Cross-site scripting at BCC Parameter exists in MDaemon prior to 22.0.0 .
Altn Mdaemon
6.1
CVSSv3
CVE-2019-8983
MDaemon Webmail 14.x up to and including 18.x prior to 18.5.2 has XSS (issue 1 of 2).
Altn Mdaemon
NA
CVE-2008-1358
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
Altn Mdaemon 9.6.4
2 EDB exploits
5.4
CVSSv3
CVE-2020-18724
Authenticated stored cross-site scripting (XSS) in the contact name field in the distribution list of MDaemon webmail 19.5.5 allows an malicious user to executes code and perform a XSS attack while opening a contact list.
Altn Mdaemon Webmail
NA
CVE-2006-5709
Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon prior to 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."
Alt-n Mdaemon
NA
CVE-2003-1471
MDaemon POP server 6.0.7 and previous versions allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number.
Alt-n Mdaemon
NA
CVE-2007-3622
Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon prior to 9.61 allows remote malicious users to cause a denial of service (crash) via malformed messages.
Alt-n Mdaemon
5.4
CVSSv3
CVE-2020-18723
Stored cross-site scripting (XSS) in file attachment field in MDaemon webmail 19.5.5 allows an malicious user to execute code on the email recipient side while forwarding an email to perform potentially malicious activities.
Altn Mdaemon Webmail
NA
CVE-2012-2584
Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) the Cascading Style Sheets (CSS) expression property in conjunction with a CSS comment within t...
Altn Mdaemon 12.5.4
1 EDB exploit
NA
CVE-2000-0716
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
Alt-n Mdaemon 2.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »