Every CVE whose affected-product data names Altn Mdaemon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2021-27182 — CVSS 8.8 (high): An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be…
CVE-2021-27181 — CVSS 8.8 (high): An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In…
CVE-2021-27183 — CVSS 7.2 (high): An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write…
CVE-2008-1358 — CVSS 6.5 (medium): Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary…
CVE-2021-27180 — CVSS 6.1 (medium): An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET…
CVE-2022-29975 — CVSS 5.4 (medium): An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .
CVE-2022-29976 — CVSS 5.4 (medium): An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 .
CVE-2008-2631 — CVSS 5.0 (medium): The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference…
CVE-2012-2584 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or…