GCVE - cpe:2.3:a:hgiga:msr45_isherlock-antispam:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:hgiga:msr45_isherlock-antispam:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Hgiga (`3395f64f-c7c9-5c57-a478-cf9fa807fa6c`)
Product	Msr45 Isherlock Antispam (`6b4a292c-b92e-51ca-baef-7cf33cabd0ea`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-22848`	vulnerable	2026-06-03 14:43:54.041582	HGiga MailSherlock - SQL Injection-2 HIGH (7) HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege. Published: 2021-03-18T04:35:21.791Z Updated: 2024-09-16T20:57:24.152Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4521-a4fd8-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-35743`	vulnerable	2026-06-03 14:42:32.278316	HGiga MailSherlock - SQL Injection -3 HIGH (7) HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages. Published: 2020-12-31T07:45:51.808Z Updated: 2024-09-17T02:37:09.672Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4262-03785-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-35742`	vulnerable	2026-06-03 14:42:32.277888	HGiga MailSherlock - SQL Injection -1 HIGH (7) HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter. Published: 2020-12-31T07:45:51.201Z Updated: 2024-09-16T18:03:00.267Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4261-d5379-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-35741`	vulnerable	2026-06-03 14:42:32.277451	HGiga MailSherlock - XSS -2 HIGH (7) HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks. Published: 2020-12-31T07:45:50.593Z Updated: 2024-09-16T22:55:57.902Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4260-ba376-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-35740`	vulnerable	2026-06-03 14:42:32.275199	HGiga MailSherlock - XSS -1 HIGH (7) HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks. Published: 2020-12-31T07:45:49.988Z Updated: 2024-09-16T23:36:40.227Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4259-90f23-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-25848`	vulnerable	2026-06-03 14:42:15.513542	HGiga MailSherlock - Broken Authentication CRITICAL (9.8) HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism. Published: 2020-12-31T07:45:48.728Z Updated: 2024-09-17T00:11:14.724Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4256-cfc5a-1.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.