MidnightBSD

Advisories for dounokouno

CVE-2015-0910 MEDIUM

Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
dounokouno transmitmail 1.3.0
dounokouno transmitmail 1.0.11
dounokouno transmitmail 1.5.1
dounokouno transmitmail 1.1.4
dounokouno transmitmail 1.1.2
dounokouno transmitmail 1.1.1
dounokouno transmitmail 1.1.3
dounokouno transmitmail 1.4.0
dounokouno transmitmail 1.4.1
dounokouno transmitmail 1.5.6
dounokouno transmitmail 1.5.8
dounokouno transmitmail 1.2.1
dounokouno transmitmail 1.1.0
dounokouno transmitmail 1.5.0
dounokouno transmitmail 1.2.0
dounokouno transmitmail 1.5.3
dounokouno transmitmail 1.5.7
dounokouno transmitmail 1.3.1
dounokouno transmitmail 1.5.2
dounokouno transmitmail 1.5.4
dounokouno transmitmail 1.5.5
dounokouno transmitmail 1.4.2
CVE-2015-0911 MEDIUM

Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
dounokouno transmitmail 1.3.0
dounokouno transmitmail 1.0.11
dounokouno transmitmail 1.5.1
dounokouno transmitmail 1.1.4
dounokouno transmitmail 1.1.2
dounokouno transmitmail 1.1.1
dounokouno transmitmail 1.1.3
dounokouno transmitmail 1.4.0
dounokouno transmitmail 1.4.1
dounokouno transmitmail 1.5.6
dounokouno transmitmail 1.5.8
dounokouno transmitmail 1.2.1
dounokouno transmitmail 1.1.0
dounokouno transmitmail 1.5.0
dounokouno transmitmail 1.2.0
dounokouno transmitmail 1.5.3
dounokouno transmitmail 1.5.7
dounokouno transmitmail 1.3.1
dounokouno transmitmail 1.5.2
dounokouno transmitmail 1.5.4
dounokouno transmitmail 1.5.5
dounokouno transmitmail 1.4.2
CVE-2022-21193 MEDIUM

Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
dounokouno transmitmail *
CVE-2022-22146 MEDIUM

Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
dounokouno transmitmail *