Filtered by vendor Hsc
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34472 | 2 Hsc, Hsclabs | 2 Mailinspector, Mailinspector | 2025-11-25 | 5.5 Medium |
| An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize input, allowing an authenticated attacker to execute arbitrary SQL commands, leading to the potential disclosure of the entire application database. | ||||
| CVE-2024-32369 | 2 Hsc, Hsclabs | 2 Mailinspector, Mailinspector | 2025-06-17 | 4.3 Medium |
| SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component. | ||||
| CVE-2024-32370 | 2 Hsc, Hsclabs | 2 Mailinspector, Mailinspector | 2025-06-17 | 9.8 Critical |
| An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component. | ||||
| CVE-2024-32371 | 2 Hsc, Hsclabs | 2 Mailinspector, Mailinspector | 2025-06-17 | 7.5 High |
| An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0. | ||||
| CVE-2008-3910 | 1 Hsc | 1 Dns2tcp | 2025-04-09 | N/A |
| dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact. | ||||
Page 1 of 1.