CVE-2022-37245: Stored Cross Site Scripting (XSS) at ‘Blacklist’ endpoint

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. The software does not...
CVE-2022-37244: IFRAME Injection at ‘currentRequest’ Parameter

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injection via the currentRequest parameter, after login leads to inject...
CVE-2022-37243: Stored Cross Site Scripting (XSS) at ‘whitelist’ endpoint

CVE-2022-37242: HTTP Response splitting through ‘DATA’ parameter. Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. The software does not...
CVE-2022-37242: HTTP Response splitting through ‘DATA’ parameter

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP...
CVE-2022-37241: Stored Cross Site Scripting (XSS) at ‘data_leak_list_ajax’ endpoint

CVE-2022-37241: HTTP Response splitting through ‘format’ parameter. Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint. The software does...
CVE-2022-37240: HTTP Response splitting through ‘format’ parameter Description

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. Proof of Concept: The Security...
CVE-2022-37239: Stored Cross Site Scripting (XSS) at the rules_list_ajax endpoint

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rules_list_ajax endpoint. The...
CVE-2022-37238: Authenticated Reflected Cross Site Scripting (XSS) at ‘currentRequest’ Parameter

Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest...
Consequences of Public Wifi

WiFi is a radio signal that is transmitted from a wireless router to a device nearby and converted into data you can see and use. The gadget sends a radio signal back to the router, which is wired or cabled into the internet and sets up a network by enabling...
Supply Chain Management System of Agriculture in Nepal

66 percent of its people work in the sector of agriculture in Nepal directly. About 30% of Nepal’s land is used for agricultural purposes. Though the economic structure of Nepal has shifted from agriculture to service and industry over the past few decades, agriculture in Nepal...
Cyber Security Monitoring (CSM): Implementation and Challenges

The process of continuously watching an IT system for data breaches, cyber threats, or other system weaknesses is known as “cyber security monitoring.” It is a preventative cyber security technique that can assist an organization in sorting through online activity to...
CVE-2022-35168 (Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE)

Description: The security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered a Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE. Due to improper input sanitization of XML...