Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveFlexeraCVE-2007-0652
HistoryFeb 15, 2007 - 11:28 p.m.

CVE-2007-0652

2007-02-1523:28:00
flexera
web.nvd.nist.gov
31
cve
2007
0652
mailenable
professional
csrf
vulnerability
remote attackers
unauthorized actions
nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.018

Percentile

88.2%

JSON

Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.

Affected configurations

Nvd
Node
mailenablemailenable_professionalMatch1.0.004
OR
mailenablemailenable_professionalMatch1.0.005
OR
mailenablemailenable_professionalMatch1.0.006
OR
mailenablemailenable_professionalMatch1.0.007
OR
mailenablemailenable_professionalMatch1.0.008
OR
mailenablemailenable_professionalMatch1.0.009
OR
mailenablemailenable_professionalMatch1.0.010
OR
mailenablemailenable_professionalMatch1.0.011
OR
mailenablemailenable_professionalMatch1.0.012
OR
mailenablemailenable_professionalMatch1.0.013
OR
mailenablemailenable_professionalMatch1.0.014
OR
mailenablemailenable_professionalMatch1.0.015
OR
mailenablemailenable_professionalMatch1.0.016
OR
mailenablemailenable_professionalMatch1.0.017
OR
mailenablemailenable_professionalMatch1.1
OR
mailenablemailenable_professionalMatch1.2
OR
mailenablemailenable_professionalMatch1.2a
OR
mailenablemailenable_professionalMatch1.5
OR
mailenablemailenable_professionalMatch1.6
OR
mailenablemailenable_professionalMatch1.7
OR
mailenablemailenable_professionalMatch1.12
OR
mailenablemailenable_professionalMatch1.13
OR
mailenablemailenable_professionalMatch1.14
OR
mailenablemailenable_professionalMatch1.15
OR
mailenablemailenable_professionalMatch1.16
OR
mailenablemailenable_professionalMatch1.17
OR
mailenablemailenable_professionalMatch1.18
OR
mailenablemailenable_professionalMatch1.19
OR
mailenablemailenable_professionalMatch1.51
OR
mailenablemailenable_professionalMatch1.52
OR
mailenablemailenable_professionalMatch1.53
OR
mailenablemailenable_professionalMatch1.54
OR
mailenablemailenable_professionalMatch1.72
OR
mailenablemailenable_professionalMatch1.73
OR
mailenablemailenable_professionalMatch1.82
OR
mailenablemailenable_professionalMatch1.83
OR
mailenablemailenable_professionalMatch1.84
OR
mailenablemailenable_professionalMatch1.101
OR
mailenablemailenable_professionalMatch1.102
OR
mailenablemailenable_professionalMatch1.103
OR
mailenablemailenable_professionalMatch1.104
OR
mailenablemailenable_professionalMatch1.105
OR
mailenablemailenable_professionalMatch1.106
OR
mailenablemailenable_professionalMatch1.107
OR
mailenablemailenable_professionalMatch1.108
OR
mailenablemailenable_professionalMatch1.109
OR
mailenablemailenable_professionalMatch1.110
OR
mailenablemailenable_professionalMatch1.111
OR
mailenablemailenable_professionalMatch1.112
OR
mailenablemailenable_professionalMatch1.113
OR
mailenablemailenable_professionalMatch1.114
OR
mailenablemailenable_professionalMatch1.115
OR
mailenablemailenable_professionalMatch1.116
OR
mailenablemailenable_professionalMatch2.0
OR
mailenablemailenable_professionalMatch2.1
OR
mailenablemailenable_professionalMatch2.2
OR
mailenablemailenable_professionalMatch2.32
OR
mailenablemailenable_professionalMatch2.33
OR
mailenablemailenable_professionalMatch2.34
OR
mailenablemailenable_professionalMatch2.35
OR
mailenablemailenable_professionalMatch2.351
VendorProductVersionCPE
mailenablemailenable_professional1.0.004cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.005cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.006cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.007cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.008cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.009cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.010cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.011cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.012cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.013cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*
Rows per page:
1-10 of 611

Related

prion 1
cvelist 1
nvd 1
securityvulns 2
nessus 1
prion
prion
Cross site request forgery (csrf)
2007-02-15 23:28:00
cvelist
cvelist
CVE-2007-0652
2007-02-15 23:00:00
nvd
nvd
CVE-2007-0652
2007-02-15 23:28:00
securityvulns
securityvulns
[Full-disclosure] Secunia Research: MailEnable Web Mail Client Multiple Vulnerabilities
2007-02-14 00:00:00
MailEnable multiple security vulnerabilities
2007-03-02 00:00:00
nessus
nessus
MailEnable Web Mail Client Multiple Vulnerabilities (XSS, CSRF)
2007-02-15 00:00:00

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.018

Percentile

88.2%

JSON
Related for CVE-2007-0652
prion1cvelist1nvd1securityvulns2nessus1