VYPR

C&Cm@il

by Hgiga

CVEs (4)

  • CVE-2026-2234CriFeb 9, 2026
    risk 0.59cvss 9.1epss 0.00

    C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content.

  • CVE-2026-2236HigFeb 9, 2026
    risk 0.49cvss 7.5epss 0.00

    C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

  • CVE-2026-2235MedFeb 9, 2026
    risk 0.42cvss 6.5epss 0.00

    C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

  • CVE-2025-2150MedMar 10, 2025
    risk 0.35cvss 5.4epss 0.00

    The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges to send emails containing malicious JavaScript code, which will be executed in the recipient's browser when they view the email.