Mailenable

Mailenable

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-34416

  • EPSS 0.01%
  • Veröffentlicht 10.12.2025 16:16:24
  • Zuletzt bearbeitet 23.12.2025 14:15:15

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient in...

6.1

CVE-2025-34425

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 21:13:44
  • Zuletzt bearbeitet 19.12.2025 19:09:54

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the WindowContext parameter of /Mondo/lang/sys/Forms/MAI/compose.aspx. The WindowContext value is not properly sanitized when processed via a GET reque...

6.1

CVE-2025-34409

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:51
  • Zuletzt bearbeitet 09.12.2025 20:17:18

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request...

6.1

CVE-2025-34408

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:51
  • Zuletzt bearbeitet 09.12.2025 20:19:58

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Added parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Added value is not properly sanitized when processed via a GET request a...

6.1

CVE-2025-34407

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:51
  • Zuletzt bearbeitet 09.12.2025 20:20:21

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the theme parameter of /Mondo/lang/sys/Forms/Statistics.aspx. The theme value is insufficiently sanitized when processed via a GET request and is refle...

6.1

CVE-2025-34406

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:51
  • Zuletzt bearbeitet 09.12.2025 19:40:50

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Id parameter of /Mobile/ContactDetails.aspx. The Id value is not properly sanitized when processed via a GET request and is reflected within a <scr...

6.1

CVE-2025-34398

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:50
  • Zuletzt bearbeitet 09.12.2025 21:38:31

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the AddressesBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesBcc value is not properly sanitized when processed via a GET request...

6.1

CVE-2025-34404

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:50
  • Zuletzt bearbeitet 09.12.2025 19:39:48

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the InstanceScope parameter of /Mondo/lang/sys/Forms/CAL/compose.aspx. The InstanceScope value is not properly sanitized when processed via a GET reque...

6.1

CVE-2025-34403

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:50
  • Zuletzt bearbeitet 09.12.2025 21:34:24

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is re...

6.1

CVE-2025-34402

  • EPSS 0.02%
  • Veröffentlicht 09.12.2025 18:15:50
  • Zuletzt bearbeitet 09.12.2025 21:37:25

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldCc value is not properly sanitized when processed via a GET request and is re...