Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mdaemon vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-13612
MDaemon Email Server 19 up to and including 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere wit...
Altn Mdaemon Email Server 19
5.4
CVSSv3
CVE-2019-19497
MDaemon Email Server 17.5.1 allows XSS via the filename of an attachment to an email message.
Altn Mdaemon Email Server 17.5.1
1 Github repository
NA
CVE-2005-4209
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote malicious users to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross...
Alt-n Mdaemon 8.1.3
Alt-n Worldclient 8.1.3
1 EDB exploit
NA
CVE-2005-4266
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote malicious users to perform actions as other users by guessing or sniffing the random value.
Alt-n Mdaemon 8.1.3
Alt-n Worldclient 8.1.3
NA
CVE-2004-1520
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.
Ipswitch Imail 8.13
3 EDB exploits
NA
CVE-1999-0284
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
Ibm Lotus Domino Mail Server
Microsoft Exchange Server 4.0
Microsoft Exchange Server 5.0
3 EDB exploits
NA
CVE-2006-4620
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account ...
Alt-n Webadmin 3.0.2
Alt-n Webadmin 3.0.3
Alt-n Webadmin 3.2.3
Alt-n Webadmin 3.2.4
Alt-n Webadmin
5.3
CVSSv3
CVE-2022-25356
Alt-N MDaemon Security Gateway up to and including 8.5.0 allows SecurityGateway.dll?view=login XML Injection.
Altn Securitygateway
9.8
CVSSv3
CVE-2022-37240
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.
Altn Security Gateway For Email Servers 8.5.2
9.8
CVSSv3
CVE-2022-37242
MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter.
Altn Security Gateway For Email Servers 8.5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »