Cybonet - Pineapp Mail Secure CVE - OpenCVE

Filtered by vendor Cybonet Subscriptions

Filtered by product Pineapp Mail Secure Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-22794	1 Cybonet	1 Pineapp Mail Secure	2024-09-17	6.8 Medium
Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /manage/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 and by doing that, the attacker can run Remote Code Execution in one liner.
CVE-2022-22793	1 Cybonet	1 Pineapp Mail Secure	2024-09-16	6.1 Medium
Cybonet - PineApp Mail Relay Local File Inclusion. Attacker can send a request to : /manage/mailpolicymtm/log/eml_viewer/email.content.body.php?filesystem_path=ENCDODED PATH and by doing that, the attacker can read Local Files inside the server.
CVE-2023-31183	1 Cybonet	1 Pineapp Mail Secure	2024-08-02	6.1 Medium
Cybonet PineApp Mail Secure A reflected cross-site scripting (XSS) vulnerability was identified in the product, using an unspecified endpoint.

Page 1 of 1.