Pineapp: >> Mail-Secure Security Vulnerabilities
Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter.
CVSS Score
5.0
EPSS Score
0.002
Published
2013-11-20
admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter.
CVSS Score
6.4
EPSS Score
0.002
Published
2013-11-20
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation.
CVSS Score
7.5
EPSS Score
0.719
Published
2013-11-20
PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.
CVSS Score
8.5
EPSS Score
0.076
Published
2013-11-08