Mailcleaner

Mailcleaner

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-55560

  • EPSS 0.31%
  • Veröffentlicht 08.12.2024 23:15:05
  • Zuletzt bearbeitet 09.12.2024 16:15:22

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation.

6.1

CVE-2024-3194

Exploit
  • EPSS 0.16%
  • Veröffentlicht 29.04.2024 07:15:08
  • Zuletzt bearbeitet 11.04.2025 14:09:28

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launch...

7.2

CVE-2024-3195

Exploit
  • EPSS 0.15%
  • Veröffentlicht 29.04.2024 07:15:08
  • Zuletzt bearbeitet 10.04.2025 20:42:17

A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. Th...

6.7

CVE-2024-3196

Exploit
  • EPSS 0.38%
  • Veröffentlicht 29.04.2024 07:15:08
  • Zuletzt bearbeitet 11.04.2025 14:46:45

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat/dumpConfigurat...

9.8

CVE-2024-3191

Exploit
  • EPSS 3.29%
  • Veröffentlicht 29.04.2024 07:15:07
  • Zuletzt bearbeitet 11.04.2025 14:49:53

A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated ...

9.6

CVE-2024-3192

Exploit
  • EPSS 0.17%
  • Veröffentlicht 29.04.2024 07:15:07
  • Zuletzt bearbeitet 10.04.2025 20:54:16

A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14. Affected is an unknown function of the component Admin Interface. The manipulation as part of Mail Message leads to cross site scripting. It is possible ...

8.8

CVE-2024-3193

Exploit
  • EPSS 2.21%
  • Veröffentlicht 29.04.2024 07:15:07
  • Zuletzt bearbeitet 10.04.2025 20:46:54

A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be ...

7.5

CVE-2019-1010246

  • EPSS 0.6%
  • Veröffentlicht 18.07.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:18:05

MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in ...

9

CVE-2018-20323

Exploit
  • EPSS 75.32%
  • Veröffentlicht 21.03.2019 16:00:35
  • Zuletzt bearbeitet 21.11.2024 04:01:13

www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.

6.1

CVE-2018-18635

Exploit
  • EPSS 0.24%
  • Veröffentlicht 24.10.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:56:16

www/guis/admin/application/controllers/UserController.php in the administration login interface in MailCleaner CE 2018.08 and 2018.09 allows XSS via the admin/login/user/message/ PATH_INFO.