Skip to main content

Mdaemon

10 CVEs product

Monthly

CVE-2024-11182 MEDIUM KEV THREAT This Month

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
CVSS 4.0
5.3
EPSS
17.1%
CVE-2022-29976 MEDIUM This Month

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 . Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-29975 MEDIUM This Month

An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 . Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-27183 HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mdaemon
NVD GitHub
CVSS 3.1
7.2
EPSS
2.7%
CVE-2021-27182 HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Mdaemon
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-27181 HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Mdaemon
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-27180 MEDIUM POC PATCH This Month

An issue was discovered in MDaemon before 20.0.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Mdaemon
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-8984 MEDIUM This Month

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-8983 MEDIUM This Month

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2012-2584 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) the Cascading Style. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mdaemon
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.4%
EPSS 17% CVSS 5.3
MEDIUM KEV THREAT This Month

An XSS issue was discovered in MDaemon Email Server before version 24.5.1c. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 . Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 . Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD GitHub
EPSS 3% CVSS 7.2
HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mdaemon
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Mdaemon
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in MDaemon before 20.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Mdaemon
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

An issue was discovered in MDaemon before 20.0.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Mdaemon
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mdaemon
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) the Cascading Style. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mdaemon
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy