CVE-2022-37242: HTTP Response splitting through ‘DATA’ parameter Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint. The software does not neutralize or incorrectly neutralizes user-controllable input before […]
Category: Featured Topics
CVE-2022-37242: HTTP Response splitting through ‘DATA’ parameter Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to MDaemon Technologies SecurityGateway for Email Servers 8.5.2, is vulnerable to HTTP Response splitting via the data parameter. Proof […]
CVE-2022-37241: HTTP Response splitting through ‘format’ parameter Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the data_leak_list_ajax endpoint. The software does not neutralize or incorrectly neutralizes user-controllable input before […]
CVE-2022-37240: HTTP Response splitting through ‘format’ parameter Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter. Proof of Concept The Security Team of Green Tick Nepal Pvt. […]
CVE-2022-37239: Stored Cross Site Scripting (XSS) the rules_list_ajax endpoint Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the rulles_list_ajax endpoint. The software does not neutralize or incorrectly neutralizes user-controllable […]
CVE-2022-37238: Authenticated Reflected Cross Site Scripting (XSS) at ‘currentRequest’ Parameter Description On June 05, the security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered that MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter. Proof of Concept The Security Team of […]
Consequences of Public Wifi WiFi is a radio signal that is transmitted from a wireless router to a device nearby and converted into data you can see and use. The gadget sends a radio signal back to the router, which is wired or cabled into the internet and sets up a network by enabling […]
Supply Chain Management System of Agriculture in Nepal 66 percent of its people work in the sector of agriculture in Nepal directly. About 30% of Nepal’s land is used for agricultural purposes. Though the economic structure of Nepal has shifted from agriculture to service and industry over the past few decades, agriculture in Nepal […]
Cyber Security Monitoring (CSM): Implementation and Challenges The process of continuously watching an IT system for data breaches, cyber threats, or other system weaknesses is known as “cyber security monitoring.” It is a preventative cyber security technique that can assist an organization in sorting through online activity to identify incidents that might be a threat […]
CVE-2022-35168 (Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE) Description The security team of Green Tick Nepal Pvt. Ltd. located in Kathmandu, Nepal discovered a Denial of Service vulnerability in SAP Business one Version – 10.0 product of SAP SE. Due to improper input sanitization of XML input […]