219 matches found
CVE-2021-43574
CVE-2021-43574 affects Atmail 6.5.0 (WebAdmin/Control Panel). The vulnerability is a cross-site scripting (XSS) flaw exposed via the format parameter to the default URI, allowing injected script/HTML to run in the victim’s browser. Documented across multiple sources (NVD, Nuclei template, CNVD/CN...
PT-2021-23879 · Atmail · Atmail
Name of the Vulnerable Software and Affected Versions: Atmail version 6.5.0 Description: The issue affects the WebAdmin Control Panel, allowing XSS via the format parameter to the default URI. This problem only affects products that are no longer supported by the maintainer. Recommendations: For...
Atmail 跨站脚本漏洞
AtMail is an open source WebMail client from Atmail Australia, which provides Webmail interface, address book management, calendar and other features, and supports IMAP, video mail, etc. A cross-site scripting vulnerability exists in the WebAdmin control panel of AtMail version 6.5.0. An attacker...
AtMail WebMail 4.61 Open Redirect
Title: AtMail WebMail Open Redirect Vulnerability + Date: 2020/03/11 + Author: Lutfu Mert Ceylan + Vendor Homepage: www.atmail.com + Software: Atmail Cloud Hosted Email + Tested on: Windows 10 + Versions: 4.61 and before + Vulnerable Parameter: "redirect" Get Method + Vulnerable File:...
CVE-2012-2593
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
Cross site scripting
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
CVE-2012-2593
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
CVE-2012-2593
The connected documentation confirms a concrete issue: Atmail Webmail Server 6.4 has an XSS vulnerability in its administrative interface that can be triggered via the Date field of an email, enabling attackers to inject arbitrary script/HTML. Exploitation is evidenced by linked exploit-publicati...
Atmail 7.1.1 PRO Cross Site Scripting
============================================================================ | Title : Atmail v7.1.1 PRO XSS Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais V.Pro | | Version : v7.1.1 | | Vendor : www.p30vel.ir | | Dork : Powered by...
atmail Cross-Site Scripting Vulnerability
atmail is an open source WebMail client from Australia's atmail company , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site scripting vulnerability exists in versions of atmail prior to 7.8.0.2. A...
CVE-2017-11617
Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...
Cross site scripting
Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...
CVE-2017-11617
Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...
CVE-2017-11617
Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...
CVE-2017-11617
CVE-2017-11617 describes a Cross-site Scripting (XSS) vulnerability in atmail prior to version 7.8.0.2. An attacker can inject arbitrary web script or HTML into the body of an email by manipulating an IMG element that contains both single and double quotes, enabling remote code execution in the c...
AtMail Cross-Site Request Forgery Vulnerability
AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in AtMail versions prior to 7.8.0.2...
AtMail Cross-Site Request Forgery Vulnerability (CNVD-2017-09348)
AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in versions of AtMail prior to...
AtMail Cross-Site Request Forgery Vulnerability (CNVD-2017-09349)
AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in Atmail versions prior to 7.8.0.2...
atmail Multiple Vulnerabilities
atmail is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:atmail:atmail"; if description...
CVE-2017-9517
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...