Page 2 of 12 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user. Se detectó un problema en MDaemon versiones anteriores a 20.0.4. • https://github.com/chudyPB/MDaemon-Advisories https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 60EXPL: 0

Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893. Múltiples vulnerabilidad no especificada en WorldClient en Alt-N MDaemon anteriores a v10.02 tienen impacto desconocido y vector de ataque, probablemente relativo a de ejecución de secuencias de comandos en sitios cruzados - XSS - WorldClient DLL v10.0.1, una vulnerabilidad diferente que CVE-2008-6893. • http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://osvdb.org/50011 http://secunia.com/advisories/32142 http://www.securityfocus.com/bid/32355 http://www.vupen.com/english/advisories/2008/3206 https://exchange.xforce.ibmcloud.com/vulnerabilities/46688 •

CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 1

The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted HTTP POST request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. La interfaz WordClient en Alt-N Technologies MDaemon 9.6.5 permite a atacantes remotos provocar una denegación de servicio (puntero a referencia NULL o caída de aplicación) a través de una petición HTTP POST manipulada. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos solamente a partir de la información de terceros. • https://www.exploit-db.com/exploits/5727 http://secunia.com/advisories/30474 https://exchange.xforce.ibmcloud.com/vulnerabilities/42809 • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 18%CPEs: 1EXPL: 2

Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY. Un desbordamiento de búfer en la región stack de la memoria en el servidor IMAP en Alt-N Technologies MDaemon versión 9.6.4, permite a los usuarios autenticados remotos ejecutar código arbitrario por medio de un comando FETCH con un CUERPO largo. • https://www.exploit-db.com/exploits/16482 https://www.exploit-db.com/exploits/5248 http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://secunia.com/advisories/29382 http://www.be4mind.com/?q=node/256 http://www.securityfocus.com/bid/28245 http://www.securitytracker.com/id?1019615 http://www.vupen.com/english/advisories/2008/0877/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41195 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.6EPSS: 2%CPEs: 1EXPL: 0

Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages. Vulnerabilidad no especificada en DomainPOP en Alt-N Technologies MDaemon anterior a 9.61 permite a atacantes remotos provocar denegación de servicio (caida) a través de mensajes malformados. • http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://osvdb.org/37193 http://secunia.com/advisories/25968 http://www.securityfocus.com/bid/24787 http://www.securitytracker.com/id?1018342 https://exchange.xforce.ibmcloud.com/vulnerabilities/35285 •