Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Altn Subscribe
Filtered by product Security Gateway For Email Servers
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37244 1 Altn 1 Security Gateway For Email Servers 2022-08-29 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection.
CVE-2022-37242 1 Altn 1 Security Gateway For Email Servers 2022-08-29 N/A 9.8 CRITICAL
MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter.
CVE-2022-37240 1 Altn 1 Security Gateway For Email Servers 2022-08-29 N/A 9.8 CRITICAL
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.
CVE-2022-37238 1 Altn 1 Security Gateway For Email Servers 2022-08-26 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.
CVE-2022-37241 1 Altn 1 Security Gateway For Email Servers 2022-08-25 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint.
CVE-2022-37239 1 Altn 1 Security Gateway For Email Servers 2022-08-25 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint.
CVE-2022-37243 1 Altn 1 Security Gateway For Email Servers 2022-08-25 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.
CVE-2022-37245 1 Altn 1 Security Gateway For Email Servers 2022-08-25 N/A 5.4 MEDIUM
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint.