VYPR

Mailscan

by MicroWorld Technologies

CVEs (4)

  • CVE-2008-3727Aug 20, 2008
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.

  • CVE-2008-3729Aug 20, 2008
    risk 0.00cvss epss 0.02

    Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin=true cookie value or (2) no cookie.

  • CVE-2008-3726Aug 20, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.

  • CVE-2008-3728Aug 20, 2008
    risk 0.00cvss epss 0.02

    Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error messages via direct requests…