Known Vulnerabilities for products from Afterlogic
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Afterlogic".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-43176 json | A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a ... | Not Provided | 2023-10-03 | 2026-07-05 |
| CVE-2021-26294 json | An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to r... | 7.5 - HIGH | 2021-03-07 | 2021-03-11 |
| CVE-2021-26293 json | An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow dir... | 9.8 - CRITICAL | 2021-03-04 | 2021-03-11 |
| CVE-2019-19129 json | Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name. | 6.1 - MEDIUM | 2019-11-26 | 2019-12-09 |
| CVE-2019-16238 json | Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged for session hijacking by retrieving the session cookie... | 6.1 - MEDIUM | 2019-09-12 | 2019-09-13 |
| CVE-2017-14597 json | AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the txtDomainName field to adminpanel/modules/pro/inc/ajax.... | 4.8 - MEDIUM | 2017-09-19 | 2017-09-22 |
| CVE-2012-2587 json | Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrar... | Not Provided | 2012-08-12 | 2026-04-29 |
| CVE-2009-4743 json | Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allo... | Not Provided | 2010-03-26 | 2026-04-29 |
| CVE-2008-0631 json | Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwrite arbitrary files via t... | Not Provided | 2008-02-06 | 2026-04-23 |
| CVE-2008-0333 json | Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows r... | Not Provided | 2008-01-17 | 2026-04-23 |
| CVE-2007-5290 json | Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ... | Not Provided | 2007-10-09 | 2026-04-23 |
| CVE-2007-2061 json | Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to ... | Not Provided | 2007-04-18 | 2026-04-23 |
Known software with vulnerabilities from Afterlogic
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Afterlogic | Aurora | 7.7.5 |
| Application | Afterlogic | Mailsuite Pro | 4.10.0 |
| Application | Afterlogic | Webmail | 7.7 |
| Application | Afterlogic | Webmail Pro | 8.3.11 |