Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-3729
Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS prior to 2 r1232 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) groups[] parameter in a send action in the sendmail ...
Kasseler-cms Kasseler-cms
1 EDB exploit
6.8
CVSSv2
CVE-2011-0739
The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in an e-mail address.
Mikel Lindsaar Mail 2.2.12
Mikel Lindsaar Mail 2.2.11
Mikel Lindsaar Mail 2.2.5.2
Mikel Lindsaar Mail 2.2.5.1
Mikel Lindsaar Mail 2.1.5.2
Mikel Lindsaar Mail 2.1.5.1
Mikel Lindsaar Mail 2.2.10
Mikel Lindsaar Mail 2.2.9.1
Mikel Lindsaar Mail 2.2.5
Mikel Lindsaar Mail 2.2.4
Mikel Lindsaar Mail 2.2.3
Mikel Lindsaar Mail 2.1.5
Mikel Lindsaar Mail 2.1.3
Mikel Lindsaar Mail 1.5.3
Mikel Lindsaar Mail 1.5.2
Mikel Lindsaar Mail 1.3.5
Mikel Lindsaar Mail 1.3.4
Mikel Lindsaar Mail 1.2.7
Mikel Lindsaar Mail 1.2.6
Mikel Lindsaar Mail 1.6.0
Mikel Lindsaar Mail 1.5.4
Mikel Lindsaar Mail 1.4.2
6.8
CVSSv2
CVE-2007-3215
PHPMailer 1.7, when configured to use sendmail, allows remote malicious users to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Phpmailer Phpmailer 1.7.2
Phpmailer Phpmailer 1.7
Phpmailer Phpmailer 1.7.1
Phpmailer Phpmailer 1.7.3
Phpmailer Phpmailer 1.73
6.5
CVSSv2
CVE-2020-12847
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console” that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the application&rsq...
Pydio Cells 2.0.4
6.5
CVSSv2
CVE-2019-9059
An issue exists in CMS Made Simple 2.2.8. It is possible, with an administrator account, to achieve command injection by modifying the path of the e-mail executable in Mail Settings, setting "sendmail" in the "Mailer" option, and launching the "Forgot you...
Cmsmadesimple Cms Made Simple
6.5
CVSSv2
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
Leif M. Wright Web Blog 3.5
6.4
CVSSv2
CVE-2006-1015
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote malicious users to read and create arbitrary files via the sendmail -...
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.17
Php Php 3.0.18
1 EDB exploit
6.4
CVSSv2
CVE-2002-2423
Sendmail 8.12.0 up to and including 8.12.6 truncates log messages longer than 100 characters, which allows remote malicious users to prevent the IP address from being logged via a long IDENT response.
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
Sendmail Sendmail 8.12.6
Sendmail Sendmail 8.12.0
Sendmail Sendmail 8.12.2
6.4
CVSSv2
CVE-1999-0418
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
6.2
CVSSv2
CVE-1999-1468
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
Next Next 2.0
Sgi Irix 3.3.3
Next Next 2.1
Sgi Irix 3.3
Sgi Irix 3.3.1
Sgi Irix 3.3.2
Sgi Irix 4.0
Cray Unicos 6.0e
Sun Sunos 4.1.1
Cray Unicos 6.1
Sun Sunos 4.0.3
Sun Sunos 4.0.3c
Sun Sunos 4.1
Cray Unicos 6.0
Sun Sunos 4.1psr A
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »