Filtered by vendor Northgrid Subscriptions
Filtered by product Proself Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45727 1 Northgrid 1 Proself 2024-12-06 7.5 High
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data, arbitrary files on the server containing account information may be read by the attacker.
CVE-2023-39416 2 North Grid Corporation, Northgrid 4 Proself Enterprise Standard Edition, Proself Gateway Edition, Proself Mail Sanitize Edition and 1 more 2024-11-21 7.2 High
Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands.
CVE-2023-39415 1 Northgrid 4 Proself, Proself Enterprise Standard Edition, Proself Gateway Edition and 1 more 2024-11-21 7.5 High
Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation.