Mailsherlock Msr45/Ssr45
Approved changes feed: RSS · Atom
cpe:2.3:a:hgiga:mailsherlock_msr45/ssr45:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Hgiga (3395f64f-c7c9-5c57-a478-cf9fa807fa6c) |
|---|---|
| Product | Mailsherlock Msr45/Ssr45 (1f4b3319-9195-5a96-af01-dd232196ecad) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-22848 |
vulnerable | 2026-06-03 14:43:54.041031 |
HGiga MailSherlock - SQL Injection-2
HIGH (7)
HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege.
Published: 2021-03-18T04:35:21.791Z
Updated: 2024-09-16T20:57:24.152Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35851 |
vulnerable | 2026-06-03 14:42:32.764830 |
HGiga MailSherlock - Command Injection
HIGH (8.1)
HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system.
Published: 2020-12-31T07:45:52.468Z
Updated: 2024-09-17T04:25:22.980Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35743 |
vulnerable | 2026-06-03 14:42:32.278287 |
HGiga MailSherlock - SQL Injection -3
HIGH (7)
HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.
Published: 2020-12-31T07:45:51.808Z
Updated: 2024-09-17T02:37:09.672Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35742 |
vulnerable | 2026-06-03 14:42:32.277856 |
HGiga MailSherlock - SQL Injection -1
HIGH (7)
HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter.
Published: 2020-12-31T07:45:51.201Z
Updated: 2024-09-16T18:03:00.267Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35741 |
vulnerable | 2026-06-03 14:42:32.277409 |
HGiga MailSherlock - XSS -2
HIGH (7)
HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks.
Published: 2020-12-31T07:45:50.593Z
Updated: 2024-09-16T22:55:57.902Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35740 |
vulnerable | 2026-06-03 14:42:32.274599 |
HGiga MailSherlock - XSS -1
HIGH (7)
HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks.
Published: 2020-12-31T07:45:49.988Z
Updated: 2024-09-16T23:36:40.227Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25850 |
vulnerable | 2026-06-03 14:42:15.527035 |
HGiga MailSherlock - Arbitrary File Download
HIGH (8.1)
The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files.
Published: 2020-12-31T07:45:49.379Z
Updated: 2024-09-16T20:36:52.413Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25848 |
vulnerable | 2026-06-03 14:42:15.511886 |
HGiga MailSherlock - Broken Authentication
CRITICAL (9.8)
HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.
Published: 2020-12-31T07:45:48.728Z
Updated: 2024-09-17T00:11:14.724Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.