CVE-2022-37245: Stored Cross Site Scripting (XSS) at ‘Blacklist’ endpoint
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the Blacklist endpoint. The software does not...
CVE-2022-37244: IFRAME Injection at ‘currentRequest’ Parameter
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to IFRAME Injection via the currentRequest parameter, after login leads to inject...
CVE-2022-37243: Stored Cross Site Scripting (XSS) at ‘whitelist’ endpoint
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. The software does not...
CVE-2022-37242: HTTP Response splitting through ‘DATA’ parameter
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP...
CVE-2022-37241: Stored Cross Site Scripting (XSS) at ‘data_leak_list_ajax’ endpoint
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint. The software does...
CVE-2022-37240: HTTP Response splitting through ‘format’ parameter
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. Proof of Concept: The Security...
CVE-2022-37239: Stored Cross Site Scripting (XSS) at the rules_list_ajax endpoint
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rules_list_ajax endpoint. The...
CVE-2022-37238: Authenticated Reflected Cross Site Scripting (XSS) at ‘currentRequest’ Parameter
Description: On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest...
Consequences of Public Wifi
WiFi is a radio signal that is transmitted from a wireless router to a device nearby and converted into data you can see and use. The gadget sends a radio signal back to the router, which is wired or cabled into the internet and sets up a network by enabling...
Supply Chain Management System of Agriculture in Nepal
66 percent of Nepal’s people work directly in the agriculture sector. About 30% of Nepal’s land is used for agricultural purposes. Though the economic structure of Nepal has shifted from agriculture to service and industry over the past few decades, agriculture in Nepal...
Cyber Security Monitoring (CSM): Implementation and Challenges
The process of continuously watching an IT system for data breaches, cyber threats, or other system weaknesses is known as “cyber security monitoring.” It is a preventative cyber security technique that can assist an organization in sorting through online activity to...
CVE-2022-35168 (Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE)
Description: The security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered a Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE. Due to improper input sanitization of XML...