Vulnerabilities > Mailenable > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2022-42136 Path Traversal vulnerability in Mailenable
Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access.
network
low complexity
mailenable CWE-22
8.8
8.8
2019-07-08 CVE-2019-12926 Missing Authorization vulnerability in Mailenable
MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas.
network
low complexity
mailenable CWE-862
8.8
8.8
2019-07-08 CVE-2019-12925 Path Traversal vulnerability in Mailenable
MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible by the IIS user.
network
low complexity
mailenable CWE-22
8.1
8.1