chucrutis

3 exploits Active since May 2024
CVE-2024-32369 NOMISEC MEDIUM WRITEUP
HSC Cybersecurity HC Mailinspector <5.2.18 - SQL Injection
SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.
1 stars
CVSS 4.3
CVE-2024-32370 NOMISEC CRITICAL WRITEUP
HSC Cybersecurity HC Mailinspector <5.2.18 - Info Disclosure
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.
1 stars
CVSS 9.8
CVE-2024-32371 NOMISEC HIGH WRITEUP
HSC Cybersecurity HC Mailinspector <5.2.18 - Privilege Escalation
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0.
1 stars
CVSS 7.5