← Back

Pineapp

pineapp

7 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Mail Secure
mail-secure
5 CVEs
Mail Secure 5099sk
mail-secure_5099sk
2 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-36720
1Pineapp
1Mail Secure
Nov 21, 2024
Dec 8, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=<script>alert(1)</script> and stealing cookies .
CVE-2013-6831
1Pineapp
1Mail Secure 5099sk
Apr 29, 2026
Nov 20, 2013
N/A· v4
N/A· v3
7.2 HIGH· v2
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages a...Show more
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account.Show less
CVE-2013-6830
1Pineapp
1Mail Secure 5099sk
Apr 29, 2026
Nov 20, 2013
N/A· v4
N/A· v3
7.5 HIGH· v2
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslooku...Show more
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation.Show less
CVE-2013-6829
1Pineapp
1Mail Secure
Apr 29, 2026
Nov 20, 2013
N/A· v4
N/A· v3
7.5 HIGH· v2
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation.
CVE-2013-6828
1Pineapp
1Mail Secure
Apr 29, 2026
Nov 20, 2013
N/A· v4
N/A· v3
6.4 MEDIUM· v2
admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter.
CVE-2013-6827
1Pineapp
1Mail Secure
Apr 29, 2026
Nov 20, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter.
CVE-2013-4987
1Pineapp
1Mail Secure
Apr 29, 2026
Nov 8, 2013
N/A· v4
N/A· v3
8.5 HIGH· v2
PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.