Skip to main content

Msr45 Isherlock Base

3 CVEs product

Monthly

CVE-2020-25848 CRITICAL Act Now

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Msr45 Isherlock Antispam Msr45 Isherlock Audit Msr45 Isherlock Base Msr45 Isherlock User +6
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-9883 HIGH POC This Week

Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Msr35 Isherlock Base Msr35 Isherlock Sysinfo Msr35 Isherlock User Msr35 Isherlock Useradmin +4
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-9882 HIGH POC This Week

Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Msr35 Isherlock Base Msr35 Isherlock Sysinfo Msr35 Isherlock User +5
NVD
CVSS 3.0
8.8
EPSS
0.7%
EPSS 2% CVSS 9.8
CRITICAL Act Now

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Msr45 Isherlock Antispam Msr45 Isherlock Audit +8
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Msr35 Isherlock Base Msr35 Isherlock Sysinfo +6
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Msr35 Isherlock Base +7
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy