CVE-2008-3726
- EPSS 0.52%
- Veröffentlicht 20.08.2008 16:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.
- EPSS 0.5%
- Veröffentlicht 20.08.2008 16:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
- EPSS 0.52%
- Veröffentlicht 20.08.2008 16:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error m...
CVE-2008-3729
- EPSS 0.66%
- Veröffentlicht 20.08.2008 16:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin=true cookie value or (2) no cookie.