VYPR

PMailServer

by A.K.I Software

CVEs (4)

  • CVE-2023-40747HigMar 18, 2024
    A.K.I Software
    PMailServer
    risk 0.49cvss 7.5epss 0.00

    Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot.

  • CVE-2023-39223MedMar 18, 2024
    A.K.I Software
    PMailServer
    risk 0.35cvss 5.4epss 0.00

    Stored cross-site scripting vulnerability exists in CGIs included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser.

  • CVE-2023-39933MedMar 18, 2024
    A.K.I Software
    PMailServer
    risk 0.28cvss 4.3epss 0.00

    Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the…

  • CVE-2023-40160LowMar 18, 2024
    A.K.I Software
    PMailServer
    risk 0.24cvss 3.7epss 0.00

    Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.