Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
afterlogic aurora vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-26293
An issue exists in AfterLogic Aurora up to and including 8.5.3 and WebMail Pro up to and including 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Serve...
Afterlogic Aurora
Afterlogic Webmail Pro
1 Github repository
5
CVSSv2
CVE-2021-26294
An issue exists in AfterLogic Aurora up to and including 7.7.9 and WebMail Pro up to and including 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/...
Afterlogic Aurora
Afterlogic Webmail Pro
2 Github repositories
3.5
CVSSv2
CVE-2017-14597
AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the txtDomainName field to adminpanel/modules/pro/inc/ajax.php during addition of a domain.
Afterlogic Aurora 7.7.5
Afterlogic Webmail 7.7
4.3
CVSSv2
CVE-2019-16238
Afterlogic Aurora up to and including 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie from the administrator login.
Afterlogic Aurora
4.3
CVSSv2
CVE-2019-19129
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name.
Afterlogic Aurora 8.3.11
Afterlogic Webmail Pro 8.3.11
NA
CVE-2023-43176
A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows malicious users to execute arbitrary code via supplying a crafted .sabredav file.
Afterlogic Aurora Files 9.7.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started