Mail Secure

mail-secure

Vendor: Pineapp • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-36720 1Pineapp 1Mail Secure Nov 21, 2024 Dec 8, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=<script>alert(1)</script> and stealing cookies .
CVE-2013-6829 1Pineapp 1Mail Secure Apr 29, 2026 Nov 20, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation.
CVE-2013-6828 1Pineapp 1Mail Secure Apr 29, 2026 Nov 20, 2013 N/A· v4 N/A· v3 6.4 MEDIUM· v2 admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter.
CVE-2013-6827 1Pineapp 1Mail Secure Apr 29, 2026 Nov 20, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter.
CVE-2013-4987 1Pineapp 1Mail Secure Apr 29, 2026 Nov 8, 2013 N/A· v4 N/A· v3 8.5 HIGH· v2 PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.