CVE Tools

altn

Communicationscommercial

21

Cumulative CVEs

8

Monthly snapshots

#76

Peak rank

Top products

security gateway for email servers8

Latest CVEs

The 15 most recently published vulnerabilities affecting altn.

CVE-2022-37238MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.5.4Aug 25, 2022
CVE-2022-37239MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint.5.4Aug 25, 2022
CVE-2022-37240MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.9.8Aug 25, 2022
CVE-2022-37241MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint.5.4Aug 25, 2022
CVE-2022-37242MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter.9.8Aug 25, 2022
CVE-2022-37243MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.5.4Aug 25, 2022
CVE-2022-37244MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injectionvia the currentRequest parameter. after login leads to inject malicious tag leads to IFRAME injection.5.4Aug 25, 2022
CVE-2022-37245MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint.5.4Aug 25, 2022
CVE-2022-29976An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 .5.4May 11, 2022
CVE-2022-29975An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .5.4May 11, 2022
CVE-2022-25356Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.5.3Apr 5, 2022
CVE-2021-27183An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any locat...7.2Apr 14, 2021
CVE-2021-27182An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform...8.8Apr 14, 2021
CVE-2021-27181An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a m...8.8Apr 14, 2021
CVE-2021-27180An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of ...6.1Apr 14, 2021