Vendor
Pineapp
Products
2
CVEs
6
Across products
6
Status
Private
Products
2- 4 CVEs
- 2 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-6829 | 0.09 | — | 0.72 | Nov 20, 2013 | admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation. | ||
| CVE-2013-6830 | 0.04 | — | 0.08 | Nov 20, 2013 | admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation. | ||
| CVE-2013-4987 | 0.04 | — | 0.11 | Nov 8, 2013 | PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command. | ||
| CVE-2013-6831 | 0.03 | — | 0.01 | Nov 20, 2013 | PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account. | ||
| CVE-2013-6828 | 0.00 | — | 0.00 | Nov 20, 2013 | admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter. | ||
| CVE-2013-6827 | 0.00 | — | 0.00 | Nov 20, 2013 | Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter. |