RSS   Vulnerabilities for 'Postfix admin'   RSS

2019-11-22
 
CVE-2012-0812

CWE-79
 

 
PostfixAdmin 2.3.4 has multiple XSS vulnerabilities

 
2017-03-20
 
CVE-2017-5930

CWE-862
 

 
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.

 
2014-04-02
 
CVE-2014-2655

CWE-89
 

 
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias.

 


Copyright 2024, cxsecurity.com

 

Back to Top