Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-29853
OX App Suite up to and including 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite 8.2
668
VMScore
CVE-2013-5200
The (1) REST and (2) memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 do not require authentication, which allows remote malicious users to obtain sensitive information or modify data via an API ca...
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.0.1
445
VMScore
CVE-2020-8543
OX App Suite up to and including 7.10.3 has Improper Input Validation.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
356
VMScore
CVE-2020-8544
OX App Suite up to and including 7.10.3 allows SSRF.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
383
VMScore
CVE-2013-5936
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 allows remote malicious users to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5)...
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.0
383
VMScore
CVE-2013-5935
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote malicious users to obtain access by sending network t...
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.0
383
VMScore
CVE-2013-6074
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.2.x prior to 7.2.2-rev25 and 7.4.x prior to 7.4.0-rev14 allows remote malicious users to inject arbitrary web script or HTML via an attached SVG file.
Open-xchange Open-xchange Appsuite 7.4.0
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
356
VMScore
CVE-2013-6241
The Birthday widget in the backend in Open-Xchange (OX) AppSuite 7.2.x prior to 7.2.2-rev25 and 7.4.x prior to 7.4.0-rev14, in certain user-id sharing scenarios, does not properly construct a SQL statement for next-year birthdays, which allows remote authenticated users to obtain...
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
Open-xchange Open-xchange Appsuite 7.4.0
312
VMScore
CVE-2013-4790
Open-Xchange AppSuite prior to 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other ...
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
383
VMScore
CVE-2013-6242
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 prior to 6.22.3-rev5 and 6.22.4 prior to 6.22.4-rev12 allows remote malicious users to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabilities related ...
Open-xchange Open-xchange Appsuite 6.22.3
Open-xchange Open-xchange Appsuite 6.22.4
Open-xchange Open-xchange Appsuite 7.2.2
Open-xchange Open-xchange Appsuite 7.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »