Description
PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Core Security · textlocallinux
https://www.exploit-db.com/exploits/28680
References (1)
Core 1
Core References
Exploit x_refsource_misc
http://www.coresecurity.com/advisories/pinapp-mail-secure-access-control-failure
Scores
EPSS
0.1123
EPSS Percentile
93.5%
Details
CWE
CWE-264
Status
published
Products (1)
pineapp/mail-secure
< 3.69
Published
Nov 08, 2013
Tracked Since
Feb 18, 2026