Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Analogic Subscribe
Filtered by product Poste.io
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12938 1 Analogic 1 Poste.io 2019-06-27 4.0 MEDIUM 4.3 MEDIUM
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.