VYPR
Vendor

Mailcleaner

Products
2
CVEs
10
Across products
11
Status
Private

Products

2

Recent CVEs

10
  • CVE-2018-20323HigMar 21, 2019
    risk 0.65cvss 8.8epss 0.55

    www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.

  • CVE-2024-55560CriDec 8, 2024
    risk 0.57cvss 9.8epss 0.01

    MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation.

  • CVE-2024-3196MedApr 29, 2024
    risk 0.00cvss 6.7epss 0.02

    A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat/dumpConfiguration of the component SOAP…

  • CVE-2024-3195MedApr 29, 2024
    risk 0.00cvss 4.7epss 0.01

    A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed…

  • CVE-2024-3194MedApr 29, 2024
    risk 0.00cvss 4.3epss 0.01

    A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has…

  • CVE-2024-3193HigApr 29, 2024
    risk 0.00cvss 8.8epss 0.04

    A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be launched remotely. The…

  • CVE-2024-3192MedApr 29, 2024
    risk 0.00cvss 4.3epss 0.01

    A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14. Affected is an unknown function of the component Admin Interface. The manipulation as part of Mail Message leads to cross site scripting. It is possible to launch the attack…

  • CVE-2024-3191CriApr 29, 2024
    risk 0.00cvss 9.8epss 0.05

    A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has…

  • CVE-2019-1010246HigJul 18, 2019
    risk 0.00cvss 7.5epss 0.01

    MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in…

  • CVE-2018-18635MedOct 24, 2018
    risk 0.00cvss 6.1epss 0.01

    www/guis/admin/application/controllers/UserController.php in the administration login interface in MailCleaner CE 2018.08 and 2018.09 allows XSS via the admin/login/user/message/ PATH_INFO.