Vulnerabilities > Softnext
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-29 | CVE-2024-5670 | OS Command Injection vulnerability in Softnext SN OS 10.3/12.1/12.3 The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server. | 9.8 |
| 2023-12-15 | CVE-2023-48380 | OS Command Injection vulnerability in Softnext Mail SQR Expert 2Dut.190301/2Dut.220701 Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. | 8.0 |
| 2023-12-15 | CVE-2023-48381 | Path Traversal vulnerability in Softnext Mail SQR Expert 2Dut.190301/2Dut.220701 Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion (LFI) vulnerability in a special URL. | 6.5 |
| 2023-12-15 | CVE-2023-48382 | Path Traversal vulnerability in Softnext Mail SQR Expert 2Dut.190301/2Dut.220701 Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion (LFI) vulnerability in a mail deliver-related URL. | 6.5 |
| 2023-12-15 | CVE-2023-48378 | Path Traversal vulnerability in Softnext Mail SQR Expert 2Dut.190301/2Dut.220701 Softnext Mail SQR Expert has a path traversal vulnerability within its parameter in a specific URL. | 7.5 |
| 2023-12-15 | CVE-2023-48379 | Server-Side Request Forgery (SSRF) vulnerability in Softnext Mail SQR Expert 2Dut.190301/2Dut.220701 Softnext Mail SQR Expert is an email management platform, it has inadequate filtering for a specific URL parameter within a specific function. | 5.3 |
| 2023-03-27 | CVE-2023-24835 | Code Injection vulnerability in Softnext Spam SQR Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. | 7.2 |
| 2022-10-31 | CVE-2022-40741 | OS Command Injection vulnerability in Softnext Mail SQR Expert 2Dut.190301 Mail SQR Expert’s specific function has insufficient filtering for special characters. | 9.8 |
| 2022-10-31 | CVE-2022-40742 | Path Traversal vulnerability in Softnext Mail SQR Expert 2Dut.220701 Mail SQR Expert system has a Local File Inclusion vulnerability. | 6.5 |