Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (84 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-9280 1 Mailenable 1 Mailenable 2024-11-21 10.0 Critical
MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.
CVE-2015-9279 1 Mailenable 1 Mailenable 2024-11-21 N/A
MailEnable before 8.60 allows Stored XSS via malformed use of "<img/src" with no ">" character in the body of an e-mail message.
CVE-2015-9278 1 Mailenable 1 Mailenable 2024-11-21 N/A
MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request.
CVE-2015-9277 1 Mailenable 1 Mailenable 2024-11-21 N/A
MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting files because "/../" and "/.. /" are mishandled.