CVEs (8)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Hgiga 4Msr45 Isherlock Antispam Msr45 Isherlock UserSsr45 Isherlock Antispam+1 moreNov 21, 2024 Mar 18, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege. |
1Hgiga 2Msr45 Isherlock User Ssr45 Isherlock UserNov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system. |
1Hgiga 4Msr45 Isherlock Antispam Msr45 Isherlock UserSsr45 Isherlock Antispam+1 moreNov 21, 2024 Dec 31, 2020 N/A· v4 7.6 HIGH· v3 6.5 MEDIUM· v2 HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages. |
1Hgiga 4Msr45 Isherlock Antispam Msr45 Isherlock UserSsr45 Isherlock Antispam+1 moreNov 21, 2024 Dec 31, 2020 N/A· v4 7.6 HIGH· v3 6.5 MEDIUM· v2 HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter. |
1Hgiga 4Msr45 Isherlock Antispam Msr45 Isherlock UserSsr45 Isherlock Antispam+1 moreNov 21, 2024 Dec 31, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks. |
1Hgiga 4Msr45 Isherlock Antispam Msr45 Isherlock UserSsr45 Isherlock Antispam+1 moreNov 21, 2024 Dec 31, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks. |
1Hgiga 2Msr45 Isherlock User Ssr45 Isherlock UserNov 21, 2024 Dec 31, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files. |
1Hgiga 10Msr45 Isherlock Antispam Msr45 Isherlock AuditMsr45 Isherlock Base+7 moreNov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism. |