VYPR
Vendor

Hsc

Products
2
CVEs
10
Across products
10
Status
Private

Products

2

Recent CVEs

10
  • CVE-2024-32370CriMay 7, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.

  • CVE-2024-34470HigMay 6, 2024
    risk 0.56cvss 8.6epss 0.07

    An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an…

  • CVE-2024-32371HigMay 7, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0.

  • CVE-2026-29965MedMay 18, 2026
    risk 0.40cvss 6.1epss 0.00

    HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscated JavaScript syntax.

  • CVE-2026-29964MedMay 18, 2026
    risk 0.40cvss 6.1epss 0.00

    HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulnerability in the /tap/tap.php endpoint due to improper neutralization of user-controlled input using alternate or obfuscated JavaScript syntax. The endpoint reflects unsanitized user input in HTTP responses…

  • CVE-2024-34472MedMay 6, 2024
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize…

  • CVE-2024-34471MedMay 6, 2024
    risk 0.35cvss 5.4epss 0.01

    An issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerability (resulting in file deletion) exists in the mliRealtimeEmails.php file. The filename parameter in the export HTML functionality does not properly validate the file location, allowing an attacker…

  • CVE-2026-3610MedMar 6, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in HSC Cybersecurity Mailinspector up to 5.3.2-3. Affected by this issue is some unknown functionality of the file /mailinspector/mliUserValidation.php of the component URL Handler. The manipulation of the argument error_description results in cross…

  • CVE-2024-32369MedMay 7, 2024
    risk 0.28cvss 4.3epss 0.01

    SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.

  • CVE-2008-3910Sep 4, 2008
    risk 0.00cvss epss 0.02

    dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact.