Filtered by vendor Pineapp
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36720 | 1 Pineapp | 1 Mail Secure | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=<script>alert(1)</script> and stealing cookies . | |||||
CVE-2013-6831 | 1 Pineapp | 1 Mail-secure 5099sk | 2024-11-21 | 7.2 HIGH | N/A |
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account. | |||||
CVE-2013-6830 | 1 Pineapp | 1 Mail-secure 5099sk | 2024-11-21 | 7.5 HIGH | N/A |
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation. | |||||
CVE-2013-6829 | 1 Pineapp | 1 Mail-secure | 2024-11-21 | 7.5 HIGH | N/A |
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation. | |||||
CVE-2013-6828 | 1 Pineapp | 1 Mail-secure | 2024-11-21 | 6.4 MEDIUM | N/A |
admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter. | |||||
CVE-2013-6827 | 1 Pineapp | 1 Mail-secure | 2024-11-21 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter. | |||||
CVE-2013-4987 | 1 Pineapp | 1 Mail-secure | 2024-11-21 | 8.5 HIGH | N/A |
PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command. |