Vulnerabilities > Seattlelab

DATE CVE VULNERABILITY TITLE RISK
2023-11-23 CVE-2023-4593 Path Traversal vulnerability in Seattlelab Slmail 5.5.0.4433
Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file.
network
low complexity
seattlelab CWE-22
6.5
2023-11-23 CVE-2023-4594 Cross-site Scripting vulnerability in Seattlelab Slmail 5.5.0.4433
Stored XSS vulnerability.
network
low complexity
seattlelab CWE-79
5.4
2023-11-23 CVE-2023-4595 File and Directory Information Exposure vulnerability in Seattlelab Slmail 5.5.0.4433
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.
network
low complexity
seattlelab CWE-538
6.5
1998-04-01 CVE-1999-0098 Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
network
low complexity
apple pmail seattlelab
critical
10.0