Eli Samara

3 exploits Active since Jul 2025
CVE-2025-52372 WRITEUP MEDIUM WRITEUP
Hmailserver - Information Disclosure
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components.
CVSS 5.1
CVE-2025-52373 WRITEUP MEDIUM WRITEUP
hMailServer <5.8.6, 5.6.9-beta - Info Disclosure
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file.
CVSS 4.6
CVE-2025-52374 WRITEUP MEDIUM WRITEUP
hMailServer <5.8.6, <5.6.9-beta - Info Disclosure
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections.
CVSS 4.6