GCVE - cpe:2.3:a:microworld_technologies:mailscan:5.6.a:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:microworld_technologies:mailscan:5.6.a:*:*:*:*:*:*:*

part: a version: 5.6.a update: *

Vendor	Microworld Technologies (`dded6eb5-b6d1-56da-a61c-d294d6c45a17`)
Product	Mailscan (`d90fb7ba-4d9c-5c64-8702-36a6685f102c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-3729`	vulnerable	2026-06-08 04:50:36.204158	Details available Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin=true cookie value or (2) no cookie. Published: 2008-08-20T16:00:00.000Z Updated: 2024-08-07T09:53:00.320Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/4172 http://www.securityfocus.com/bid/30700 https://exchange.xforce.ibmcloud.com/vulnerabilities/44515 http://marc.info/?l=bugtraq&m=121881329424635&w=2 http://www.oliverkarow.de/research/mailscan.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-3728`	vulnerable	2026-06-08 04:50:36.203840	Details available Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error messages via direct requests to files under LOG/. Published: 2008-08-20T16:00:00.000Z Updated: 2024-08-07T09:53:00.442Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/4172 http://www.securityfocus.com/bid/30700 http://secunia.com/advisories/31534 http://marc.info/?l=bugtraq&m=121881329424635&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/44518	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-3727`	vulnerable	2026-06-08 04:50:36.203483	Details available Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. Published: 2008-08-20T16:00:00.000Z Updated: 2024-08-07T09:53:00.427Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/4172 http://www.securityfocus.com/bid/30700 http://secunia.com/advisories/31534 https://exchange.xforce.ibmcloud.com/vulnerabilities/44514 http://marc.info/?l=bugtraq&m=121881329424635&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-3726`	vulnerable	2026-06-08 04:50:36.203053	Details available Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI. Published: 2008-08-20T16:00:00.000Z Updated: 2024-08-07T09:53:00.413Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/44517 http://securityreason.com/securityalert/4172 http://www.securityfocus.com/bid/30700 http://secunia.com/advisories/31534 http://marc.info/?l=bugtraq&m=121881329424635&w=2	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Mailscan

PURL mappings

Vulnerability references

Contribute