Lucene search
K

219 matches found

CVE
CVE
added 2021/11/15 2:18 p.m.63 views

CVE-2021-43574

CVE-2021-43574 affects Atmail 6.5.0 (WebAdmin/Control Panel). The vulnerability is a cross-site scripting (XSS) flaw exposed via the format parameter to the default URI, allowing injected script/HTML to run in the victim’s browser. Documented across multiple sources (NVD, Nuclei template, CNVD/CN...

6.1CVSS5.9AI score0.02422EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/15 12:0 a.m.5 views

PT-2021-23879 · Atmail · Atmail

Name of the Vulnerable Software and Affected Versions: Atmail version 6.5.0 Description: The issue affects the WebAdmin Control Panel, allowing XSS via the format parameter to the default URI. This problem only affects products that are no longer supported by the maintainer. Recommendations: For...

6.1CVSS5.9AI score0.02422EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/11/15 12:0 a.m.6 views

Atmail 跨站脚本漏洞

AtMail is an open source WebMail client from Atmail Australia, which provides Webmail interface, address book management, calendar and other features, and supports IMAP, video mail, etc. A cross-site scripting vulnerability exists in the WebAdmin control panel of AtMail version 6.5.0. An attacker...

6.1CVSS5.3AI score0.02422EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2020/03/12 12:0 a.m.157 views

AtMail WebMail 4.61 Open Redirect

Title: AtMail WebMail Open Redirect Vulnerability + Date: 2020/03/11 + Author: Lutfu Mert Ceylan + Vendor Homepage: www.atmail.com + Software: Atmail Cloud Hosted Email + Tested on: Windows 10 + Versions: 4.61 and before + Vulnerable Parameter: "redirect" Get Method + Vulnerable File:...

7.4AI score
Exploits0
NVD
NVD
added 2020/02/06 2:15 p.m.16 views

CVE-2012-2593

Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...

6.1CVSS6.1AI score0.06229EPSS
Exploits2References2
Prion
Prion
added 2020/02/06 2:15 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...

4.3CVSS6.1AI score0.06229EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/02/06 1:47 p.m.23 views

CVE-2012-2593

Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...

6.1AI score0.06229EPSS
Exploits2References2
CVE
CVE
added 2020/02/06 1:47 p.m.41 views

CVE-2012-2593

The connected documentation confirms a concrete issue: Atmail Webmail Server 6.4 has an XSS vulnerability in its administrative interface that can be triggered via the Date field of an email, enabling attackers to inject arbitrary script/HTML. Exploitation is evidenced by linked exploit-publicati...

6.1CVSS6AI score0.06229EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Storm
added 2018/01/04 12:0 a.m.37 views

Atmail 7.1.1 PRO Cross Site Scripting

============================================================================ | Title : Atmail v7.1.1 PRO XSS Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais V.Pro | | Version : v7.1.1 | | Vendor : www.p30vel.ir | | Dork : Powered by...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/07/27 12:0 a.m.3 views

atmail Cross-Site Scripting Vulnerability

atmail is an open source WebMail client from Australia's atmail company , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site scripting vulnerability exists in versions of atmail prior to 7.8.0.2. A...

6.1CVSS6.5AI score0.01025EPSS
Exploits1References1
NVD
NVD
added 2017/07/25 5:29 p.m.14 views

CVE-2017-11617

Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...

6.1CVSS6.1AI score0.01025EPSS
Exploits1References2
Prion
Prion
added 2017/07/25 5:29 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...

4.3CVSS6AI score0.01025EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/07/25 5:29 p.m.3 views

CVE-2017-11617

Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...

6.1CVSS5.9AI score0.01025EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/07/25 5:0 p.m.17 views

CVE-2017-11617

Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...

6.5AI score0.01025EPSS
Exploits1References2
CVE
CVE
added 2017/07/25 5:0 p.m.51 views

CVE-2017-11617

CVE-2017-11617 describes a Cross-site Scripting (XSS) vulnerability in atmail prior to version 7.8.0.2. An attacker can inject arbitrary web script or HTML into the body of an email by manipulating an IMG element that contains both single and double quotes, enabling remote code execution in the c...

6.1CVSS6.3AI score0.01025EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2017/06/12 12:0 a.m.6 views

AtMail Cross-Site Request Forgery Vulnerability

AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in AtMail versions prior to 7.8.0.2...

8.8CVSS7AI score0.00451EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/12 12:0 a.m.4 views

AtMail Cross-Site Request Forgery Vulnerability (CNVD-2017-09348)

AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in versions of AtMail prior to...

8.8CVSS6.8AI score0.00451EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/12 12:0 a.m.6 views

AtMail Cross-Site Request Forgery Vulnerability (CNVD-2017-09349)

AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in Atmail versions prior to 7.8.0.2...

8.8CVSS6.9AI score0.00451EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/06/09 12:0 a.m.39 views

atmail Multiple Vulnerabilities

atmail is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:atmail:atmail"; if description...

8.8CVSS7.6AI score0.01025EPSS
Exploits1References1
NVD
NVD
added 2017/06/08 2:29 p.m.16 views

CVE-2017-9517

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...

8.8CVSS8.7AI score0.00451EPSS
Exploits0References1
Rows per page
Query Builder