CVE-2012-10046P2CRITICALCVSS 9.3PoCvESVA_20572025-08-08
CVE-2012-10046 [CRITICAL] CWE-78 CVE-2012-10046: The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticat
The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and resu
nvd