Openfind MAIL2000 Webmail vulnerabilities - Prophaze

Openfind MAIL2000 Webmail vulnerabilities

Overview :

Multiple flaws in Openfind MAIL2000 through version 6.0 and 7.0

Affected Product(s) :

Openfind MAIL2000 through version 6.0 and 7.0

Vulnerability Details :

CVE ID :	CVE-2019-15073
	An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE ID :	CVE-2019-15072
	The login feature in “/cgi-bin/portal” in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE ID :	CVE-2019-15071
	The “/cgi-bin/go” page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail system of governments, organizations, companies and universities.

Solution :

Update to the last version

Contact us to get started

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

Description zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db)

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with

img:is([sizes="auto" i],[sizes^="auto," i]){contain-intrinsic-size:3000px 1500px;}.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em;}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none;}:root{--wp--preset--aspect-ratio--square:1;--wp--preset--aspect-ratio--4-3:4/3;--wp--preset--aspect-ratio--3-4:3/4;--wp--preset--aspect-ratio--3-2:3/2;--wp--preset--aspect-ratio--2-3:2/3;--wp--preset--aspect-ratio--16-9:16/9;--wp--preset--aspect-ratio--9-16:9/16;--wp--preset--color--black:#000;--wp--preset--color--cyan-bluish-gray:#abb8c3;--wp--preset--color--white:#fff;--wp--preset--color--pale-pink:#f78da7;--wp--preset--color--vivid-red:#cf2e2e;--wp--preset--color--luminous-vivid-orange:#ff6900;--wp--preset--color--luminous-vivid-amber:#fcb900;--wp--preset--color--light-green-cyan:#7bdcb5;--wp--preset--color--vivid-green-cyan:#00d084;--wp--preset--color--pale-cyan-blue:#8ed1fc;--wp--preset--color--vivid-cyan-blue:#0693e3;--wp--preset--color--vivid-purple:#9b51e0;--wp--preset--color--pink:#ff3467;--wp--preset--color--blue:#2550de;--wp--preset--color--light-blue:#287ac7;--wp--preset--color--dark-blue:#353f58;--wp--preset--color--silver:#656970;--wp--preset--color--clouds:#f7fbff;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple:linear-gradient(135deg,rgba(6,147,227,1) 0%,#9b51e0 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan:linear-gradient(135deg,#7adcb4 0%,#00d082 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange:linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red:linear-gradient(135deg,rgba(255,105,0,1) 0%,#cf2e2e 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray:linear-gradient(135deg,#eee 0%,#a9b8c3 100%);--wp--preset--gradient--cool-to-warm-spectrum:linear-gradient(135deg,#4aeadc 0%,#9778d1 20%,#cf2aba 40%,#ee2c82 60%,#fb6962 80%,#fef84c 100%);--wp--preset--gradient--blush-light-purple:linear-gradient(135deg,#ffceec 0%,#9896f0 100%);--wp--preset--gradient--blush-bordeaux:linear-gradient(135deg,#fecda5 0%,#fe2d2d 50%,#6b003e 100%);--wp--preset--gradient--luminous-dusk:linear-gradient(135deg,#ffcb70 0%,#c751c0 50%,#4158d0 100%);--wp--preset--gradient--pale-ocean:linear-gradient(135deg,#fff5cb 0%,#b6e3d4 50%,#33a7b5 100%);--wp--preset--gradient--electric-grass:linear-gradient(135deg,#caf880 0%,#71ce7e 100%);--wp--preset--gradient--midnight:linear-gradient(135deg,#020381 0%,#2874fc 100%);--wp--preset--font-size--small:13px;--wp--preset--font-size--medium:20px;--wp--preset--font-size--large:36px;--wp--preset--font-size--x-large:42px;--wp--preset--spacing--20:.44rem;--wp--preset--spacing--30:.67rem;--wp--preset--spacing--40:1rem;--wp--preset--spacing--50:1.5rem;--wp--preset--spacing--60:2.25rem;--wp--preset--spacing--70:3.38rem;--wp--preset--spacing--80:5.06rem;--wp--preset--shadow--natural:6px 6px 9px rgba(0,0,0,.2);--wp--preset--shadow--deep:12px 12px 50px rgba(0,0,0,.4);--wp--preset--shadow--sharp:6px 6px 0px rgba(0,0,0,.2);--wp--preset--shadow--outlined:6px 6px 0px -3px rgba(255,255,255,1),6px 6px rgba(0,0,0,1);--wp--preset--shadow--crisp:6px 6px 0px rgba(0,0,0,1);}:where(.is-layout-flex){gap:.5em;}:where(.is-layout-grid){gap:.5em;}body .is-layout-flex{display:flex;}.is-layout-flex{flex-wrap:wrap;align-items:center;}.is-layout-flex > :is(*,div){margin:0;}body .is-layout-grid{display:grid;}.is-layout-grid > :is(*,div){margin:0;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}.has-black-color{color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color:var(--wp--preset--color--white) !important;}.has-pale-pink-color{color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color:var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color:var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color:var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color:var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color:var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background:var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background:var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background:var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background:var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background:var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background:var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background:var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background:var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background:var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background:var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size:var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size:var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size:var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size:var(--wp--preset--font-size--x-large) !important;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:root :where(.wp-block-pullquote){font-size:1.5em;line-height:1.6;}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}@media screen and (max-height: 1024px){.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}@media screen and (max-height: 640px){.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}body.custom-background{background-color:#fff;}@media (min-width: 992px){.nav__flex-parent{height:90px;}.nav{min-height:90px;}.nav__menu > li > a{line-height:90px;}.nav--sticky.sticky .nav__flex-parent{height:68px;}.nav--sticky.sticky .nav__menu > li > a{line-height:68px;color:#656970;}.nav__menu > li{padding-left:12px;padding-right:12px;}.nav--default{background-color:rgba(255,255,255,0);}.nav--default .nav__menu > li > a{color:#000;}.nav--default .nav__dropdown-menu,.nav--default .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#001b70;}.nav--default .nav__dropdown-menu > li > a{color:#fff;}.nav--default .nav__dropdown-menu > li > a:hover,.nav--default .nav__dropdown-menu > li > a:focus{color:#5579fd;}.nav--sticky.sticky{background-color:rgba(255,255,255,1);}.nav--sticky.sticky .nav__menu > li > a:hover,.nav--sticky.sticky .nav__menu > li.active > a,.nav--sticky.sticky .nav__menu > .current_page_parent > a,.nav--sticky.sticky .nav__menu .current-menu-item > a{color:#1e73be;}.nav--transparent{background-color:rgba(255,255,255,0);}.nav--transparent .nav__menu > li > a{color:#fff;}.nav--transparent .nav__menu > li > a:hover,.nav--transparent .nav__menu > li > a:focus .nav--transparent .nav__menu > li.active > a,.nav--transparent .nav__menu > .current_page_parent > a{color:#fff;}.nav--transparent .nav__dropdown-menu,.nav--transparent .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#fff;}.nav--transparent .nav__dropdown-menu > li:not(.current-menu-item) > a{color:#656970;}.nav--transparent .nav__dropdown-menu > li > a:hover,.nav--transparent .nav__dropdown-menu > li > a:focus{color:#2550de;}}@media (max-width: 991px){.nav__header{height:60px;}.nav{min-height:60px;background-color:#fff;}.nav__menu > li > a{color:#353f58;}.nav__menu li a{border-bottom-color:rgba(231,234,240,1);}}.nav__header .logo{max-height:60px;}.nav--sticky.sticky .nav__header .logo{max-height:48px;}.page-title{padding-top:90px;padding-bottom:115px;background-color:#fff;}a,.loader,.highlight,.comment-edit-link,.footer .widget.widget_calendar a,.widget_rss .rsswidget:hover,.widget_recent_entries a:hover,.widget_recent_comments a:hover,.widget_nav_menu a:hover,.widget_archive a:hover,.widget_pages a:hover,.widget_categories a:hover,.widget_meta a:hover,.footer__nav-menu li a:hover,.footer__widgets .widget a:hover,.copyright a:hover,.copyright a:focus,.link-underline:hover,.link-underline:focus,.case-study__category:hover,.case-study__category:focus{color:#0c8ff8;}.btn,.btn--color,button,input[type="button"],input[type="reset"],input[type="submit"],.button,.btn--button:focus,.btn:hover,.elementor-widget-button .elementor-button,a.cc-btn.cc-dismiss,.mc4wp-form-fields input[type=submit]:focus,.post-password-form label + input,#back-to-top:hover,.widget_tag_cloud a:hover,.entry__tags a:hover,.page-numbers.current,.pagination a:hover,.link-underline:after,.project-filter a.active,.project-filter a:hover,.project-filter a:focus{background-color:#0c8ff8;}input:focus,textarea:focus{border-color:#1f1ddb;}.elementor-widget-tabs .elementor-tab-title.elementor-active{border-top-color:#0c8ff8;}.blog-section,.archive-section,.search-results-section{background-color:#fff;}.nav--default .nav__menu > li > a:hover,.nav--default .nav__menu > li > a:focus,.nav--default .nav__menu > li.active > a,.nav--default .nav__menu > .current_page_parent > a,.nav--default .nav__menu .current-menu-item > a{color:#1e73be;}.nav--default .nav__btn{background-color:#001b70;color:#fff;}.nav--default .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#d11c46;}.nav--sticky.sticky .nav__btn{background-color:#001b70;color:#fff;}.nav--transparent .nav__btn{background-color:#ff3467;color:#fff;}.nav--transparent .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#81d742;}.nav__icon-toggle-bar{background-color:#282e38;}.page-title__title{color:#353f58;}.page-title__subtitle{color:#656970;}.breadcrumbs-wrap{background-color:#f7fbff;}.breadcrumbs a{color:#353f58;}.breadcrumbs__separator{color:#656970;}.breadcrumbs > span{color:#656970;}.entry__article p a,.entry__article li:not(.wp-social-link) a{color:#000;}.entry__meta li,.entry__meta a,.comment-date{color:#fff;}h1,h2,h3,h4,h5,h6{color:#353f58;}body,.deo-newsletter-gdpr-checkbox__label,figcaption,.comment-form-cookies-consent label,.pagination span,.pagination a{color:#656970;}.elementor-widget-wp-widget-recent-posts a,.widget_recent_entries a,.elementor-widget-wp-widget-nav_menu a,.widget_nav_menu a,.elementor-widget-wp-widget-categories a,.widget_categories a,.elementor-widget-wp-widget-pages a,.widget_pages a,.elementor-widget-wp-widget-pages-archives a,.widget_archive a,.elementor-widget-wp-widget-meta a,.widget_meta a{color:#656970;}.footer{background-color:#032747;}.footer__bottom,.footer{border-color:#fff;}.footer .widget-title{color:#000;}.footer,.footer .social,.footer__nav-menu li a,.footer .widget_recent_entries a,.footer .widget_nav_menu a,.footer .widget_categories a,.footer .widget_pages a,.footer .widget_archive a,.footer .widget_meta a{color:#fff;}.copyright,.copyright a{color:#fff;}.footer__col-2 > .widget:first-child .widget-title{color:#46d19b;}.footer__col-2 > .widget:last-child .widget-title{color:#fff;}.footer__col-3 > .widget:first-child .widget-title{color:#fff;}.footer__col-3 > .widget:last-child .widget-title{color:#f38e26;}.cc-window{background-color:#114a9a;}.cc-message{color:#fff;}.cc-link,.cc-link:active,.cc-link:visited,.cc-link:hover,.cc-link:focus{color:#fff;}a.cc-btn.cc-dismiss{background-color:#3f890b;color:#fff;}h1,.h1{font-family:Rubik;font-size:38px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h2,.h2{font-family:Rubik;font-size:32px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h3,.h3{font-family:Lato;}h4,.h4{font-family:Rubik;font-size:24px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h5,.h5{font-family:Rubik;font-size:20px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h6,.elementor-widget-tabs .elementor-tab-title,.elementor-accordion .elementor-tab-title{font-family:Rubik;font-size:16px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}body,input{font-size:15px;}.entry__article{font-size:1.125rem;line-height:1.8;}.nav__menu li a{font-size:16px;}