Vulnerabilities > Pineapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-36720 | Cross-site Scripting vulnerability in Pineapp Mail Secure PineApp - Mail Secure - Attacker sending a request to :/blocking.php?url=<script>alert(1)</script> and stealing cookies . | 4.3 |
| 2013-11-20 | CVE-2013-6831 | Permissions, Privileges, and Access Controls vulnerability in Pineapp Mail-Secure 5099Sk PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account. | 7.2 |
| 2013-11-20 | CVE-2013-6830 | Code Injection vulnerability in Pineapp Mail-Secure 5099Sk admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation. | 7.5 |
| 2013-11-20 | CVE-2013-6829 | Code Injection vulnerability in Pineapp Mail-Secure admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation. | 7.5 |
| 2013-11-20 | CVE-2013-6828 | Improper Authentication vulnerability in Pineapp Mail-Secure admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter. | 6.4 |
| 2013-11-20 | CVE-2013-6827 | Path Traversal vulnerability in Pineapp Mail-Secure Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter. | 5.0 |
| 2013-11-08 | CVE-2013-4987 | Permissions, Privileges, and Access Controls vulnerability in Pineapp Mail-Secure 3.69 PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command. | 8.5 |