CVE-2006-4953

2006-09-23T10:07:00
ID CVE-2006-4953
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:33:00

Description

Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in the (b) maillist servlet.