CVE-2013-10022

A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrmdisplayform/cntctfrmcheckform of the file contactform.php. The manipulation leads to cross site scripting. The attack may be...

Novell Netmail IMAP服务命令参数串接远程堆溢出漏洞

Novell NetMail是基于Internet标准消息和安全协议的邮件和日历系统。 NetMail的IMAP服务在处理命令参数的串接时存在漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 NetMail的IMAP服务（imapd.exe）在将文字内容附加到IMAP命令以生成请求时没有充分的验证用户输入的长度值。所分配的用于存储额外数据的内存可能不充分，导致堆溢出。 Novell NetMail 3.52 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[Full-disclosure] iDefense Security Advisory 12.23.06: Novell Netmail IMAP append Denial of Service Vulnerability

Novell Netmail IMAP append Denial of Service Vulnerability iDefense Security Advisory 12.23.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 23, 2006 I. BACKGROUND Novell NetMail is an e-mail and calendar system that is based on standard Internet protocols. More information can be...

CVE-2005-1756

Cross-site scripting XSS vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields...