Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securmail vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-7703
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
6.5
CVSSv3
CVE-2018-7704
SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
8.1
CVSSv3
CVE-2018-7705
Directory traversal vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. (dot dot) in the filename parameter to secupload2/upload.aspx.
Securenvoy Securmail
1 EDB exploit
6.1
CVSSv3
CVE-2018-7707
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to inject arbitrary web script or HTML via an HTML-formatted e-mail message.
Securenvoy Securmail
1 EDB exploit
6.5
CVSSv3
CVE-2018-7701
Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnvoy SecurMail prior to 9.2.501 allow remote malicious users to hijack the authentication of arbitrary users for requests that (1) delete e-mail messages via a delete action in a request to secmail/getmessage.exe...
Securenvoy Securmail
1 EDB exploit
9.1
CVSSv3
CVE-2018-7702
SecurEnvoy SecurMail prior to 9.2.501 allows remote malicious users to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization.
Securenvoy Securmail
1 EDB exploit
6.5
CVSSv3
CVE-2018-7706
Directory traversal vulnerability in SecurEnvoy SecurMail prior to 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. (dot dot) in the option2 parameter in an attachment action to secmail/getmessage.exe.
Securenvoy Securmail
1 EDB exploit
9
CVSSv3
CVE-2020-13376
SecurEnvoy SecurMail 9.3.503 allows malicious users to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.
Securenvoy Securmail 9.3.503
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started