Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-0651
HistoryFeb 15, 2007 - 11:28 p.m.

CVE-2007-0651

2007-02-1523:28:00
[email protected]
web.nvd.nist.gov
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.01

Percentile

83.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and © Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.

Affected configurations

Nvd
Node
mailenablemailenable_professionalMatch1.0.004
OR
mailenablemailenable_professionalMatch1.0.005
OR
mailenablemailenable_professionalMatch1.0.006
OR
mailenablemailenable_professionalMatch1.0.007
OR
mailenablemailenable_professionalMatch1.0.008
OR
mailenablemailenable_professionalMatch1.0.009
OR
mailenablemailenable_professionalMatch1.0.010
OR
mailenablemailenable_professionalMatch1.0.011
OR
mailenablemailenable_professionalMatch1.0.012
OR
mailenablemailenable_professionalMatch1.0.013
OR
mailenablemailenable_professionalMatch1.0.014
OR
mailenablemailenable_professionalMatch1.0.015
OR
mailenablemailenable_professionalMatch1.0.016
OR
mailenablemailenable_professionalMatch1.0.017
OR
mailenablemailenable_professionalMatch1.1
OR
mailenablemailenable_professionalMatch1.2
OR
mailenablemailenable_professionalMatch1.2a
OR
mailenablemailenable_professionalMatch1.5
OR
mailenablemailenable_professionalMatch1.6
OR
mailenablemailenable_professionalMatch1.7
OR
mailenablemailenable_professionalMatch1.12
OR
mailenablemailenable_professionalMatch1.13
OR
mailenablemailenable_professionalMatch1.14
OR
mailenablemailenable_professionalMatch1.15
OR
mailenablemailenable_professionalMatch1.16
OR
mailenablemailenable_professionalMatch1.17
OR
mailenablemailenable_professionalMatch1.18
OR
mailenablemailenable_professionalMatch1.19
OR
mailenablemailenable_professionalMatch1.51
OR
mailenablemailenable_professionalMatch1.52
OR
mailenablemailenable_professionalMatch1.53
OR
mailenablemailenable_professionalMatch1.54
OR
mailenablemailenable_professionalMatch1.72
OR
mailenablemailenable_professionalMatch1.73
OR
mailenablemailenable_professionalMatch1.82
OR
mailenablemailenable_professionalMatch1.83
OR
mailenablemailenable_professionalMatch1.84
OR
mailenablemailenable_professionalMatch1.101
OR
mailenablemailenable_professionalMatch1.102
OR
mailenablemailenable_professionalMatch1.103
OR
mailenablemailenable_professionalMatch1.104
OR
mailenablemailenable_professionalMatch1.105
OR
mailenablemailenable_professionalMatch1.106
OR
mailenablemailenable_professionalMatch1.107
OR
mailenablemailenable_professionalMatch1.108
OR
mailenablemailenable_professionalMatch1.109
OR
mailenablemailenable_professionalMatch1.110
OR
mailenablemailenable_professionalMatch1.111
OR
mailenablemailenable_professionalMatch1.112
OR
mailenablemailenable_professionalMatch1.113
OR
mailenablemailenable_professionalMatch1.114
OR
mailenablemailenable_professionalMatch1.115
OR
mailenablemailenable_professionalMatch1.116
OR
mailenablemailenable_professionalMatch2.0
OR
mailenablemailenable_professionalMatch2.1
OR
mailenablemailenable_professionalMatch2.2
OR
mailenablemailenable_professionalMatch2.32
OR
mailenablemailenable_professionalMatch2.33
OR
mailenablemailenable_professionalMatch2.34
OR
mailenablemailenable_professionalMatch2.35
OR
mailenablemailenable_professionalMatch2.351
VendorProductVersionCPE
mailenablemailenable_professional1.0.004cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.005cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.006cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.007cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.008cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.009cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.010cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.011cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.012cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*
mailenablemailenable_professional1.0.013cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*
Rows per page:
1-10 of 611

Related

prion 1
cvelist 1
cve 1
nessus 1
securityvulns 2
prion
prion
Cross site scripting
2007-02-15 23:28:00
cvelist
cvelist
CVE-2007-0651
2007-02-15 23:00:00
cve
cve
CVE-2007-0651
2007-02-15 23:28:00
nessus
nessus
MailEnable Web Mail Client Multiple Vulnerabilities (XSS, CSRF)
2007-02-15 00:00:00
securityvulns
securityvulns
[Full-disclosure] Secunia Research: MailEnable Web Mail Client Multiple Vulnerabilities
2007-02-14 00:00:00
MailEnable multiple security vulnerabilities
2007-03-02 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.01

Percentile

83.7%

JSON
Related for NVD:CVE-2007-0651
prion1cvelist1cve1nessus1securityvulns2