Known Vulnerabilities for products from MailEnable
Listed below are 20 of the newest known vulnerabilities associated with the vendor "MailEnable".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32852 json | MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allo... | Not Provided | 2026-03-23 | 2026-03-30 |
| CVE-2026-32851 json | MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allo... | Not Provided | 2026-03-23 | 2026-03-30 |
| CVE-2026-32850 json | MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allo... | Not Provided | 2026-03-23 | 2026-03-30 |
| CVE-2022-42136 json | Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the ... | 8.8 - HIGH | 2023-01-13 | 2023-01-23 |
| CVE-2019-12927 json | MailEnable Enterprise Premium 10.23 was vulnerable to stored and reflected cross-site scripting (XSS) attacks. Because the se... | 6.1 - MEDIUM | 2019-07-08 | 2019-07-23 |
| CVE-2019-12926 json | MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was p... | 8.8 - HIGH | 2019-07-08 | 2020-08-24 |
| CVE-2019-12925 json | MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users cou... | 8.1 - HIGH | 2019-07-08 | 2019-07-16 |
| CVE-2019-12924 json | MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection (XXE) attacks that could be exploited by ... | 9.8 - CRITICAL | 2019-07-08 | 2020-08-24 |
| CVE-2019-12923 json | In MailEnable Enterprise Premium 10.23, the potential cross-site request forgery (CSRF) protection mechanism was not implemen... | 6.5 - MEDIUM | 2019-07-08 | 2019-07-16 |
| CVE-2015-9280 json | MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter. | 10 - CRITICAL | 2019-01-16 | 2019-10-03 |
| CVE-2015-9279 json | MailEnable before 8.60 allows Stored XSS via malformed use of " |
6.1 - MEDIUM | 2019-01-16 | 2019-01-17 |
| CVE-2015-9278 json | MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandlin... | 9.8 - CRITICAL | 2019-01-16 | 2019-02-01 |
| CVE-2015-9277 json | MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting file... | 9.1 - CRITICAL | 2019-01-16 | 2019-01-17 |
| CVE-2012-2588 json | Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary w... | 4.3 - MEDIUM | 2014-09-19 | 2017-08-29 |
| CVE-2012-0389 json | Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 a... | 4.3 - MEDIUM | 2012-01-24 | 2017-08-29 |
| CVE-2010-2580 json | The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attac... | 5 - MEDIUM | 2010-09-15 | 2018-10-10 |
| CVE-2008-3449 json | MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote attackers to cause a denial of service (crash) via multiple IM... | Not Provided | 2008-08-04 | 2026-04-23 |
| CVE-2008-1277 json | The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attac... | Not Provided | 2008-03-10 | 2026-04-23 |
| CVE-2008-1276 json | Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 an... | Not Provided | 2008-03-10 | 2026-04-23 |
| CVE-2008-1275 json | Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and ear... | Not Provided | 2008-03-10 | 2026-04-23 |
Known software with vulnerabilities from MailEnable
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mailenable | Mailenable | 1.00 |