RSS   Vulnerabilities for 'Msr45 isherlock-antispam'   RSS

2020-12-31
 
CVE-2020-35743

CWE-89
 

 
HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.

 
 
CVE-2020-35742

CWE-89
 

 
HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter.

 
 
CVE-2020-35741

CWE-79
 

 
HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks.

 
 
CVE-2020-35740

CWE-79
 

 
HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks.

 
 
CVE-2020-25848

CWE-522
 

 
HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.

 

 >>> Vendor: Hgiga 13 Products
Oaklouds ccm\@il
Msr45 isherlock-antispam
Msr45 isherlock-audit
Msr45 isherlock-base
Msr45 isherlock-user
Msr45 isherlock-useradmin
Ssr45 isherlock-antispam
Ssr45 isherlock-audit
Ssr45 isherlock-base
Ssr45 isherlock-user
Ssr45 isherlock-useradmin
Oaklouds portal
Oaklouds openid


Copyright 2021, cxsecurity.com

 

Back to Top