124 matches found
CVE-2007-2718
Cross-site scripting XSS vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags...
Cross site scripting
Cross-site scripting XSS vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags...
CVE-2007-2718
Cross-site scripting XSS vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags...
CVE-2007-2718
CVE-2007-2718 describes a cross-site scripting (XSS) vulnerability in the WebMail component of Stalker CommuniGate Pro 5.1.8 and earlier when accessed via Microsoft Internet Explorer . The issue allows a remote attacker to inject arbitrary web script or HTML through crafted STYLE tags . The vulne...
[Full-disclosure] CommuniGate Pro web mail persistent cross-site scripting vulnerability
1 Summary Affected software: Stalker CommuniGate Pro version 5.1.8 and below Vendor URL: www.stalker.com Severity: Medium 2 Vulnerability Description CommuniGate Pro is a communication server supporting a large number of protocols. It includes a web mail system. The web mail system suffers from a...
Stalker CommuniGate Pro crossite scripting
Crossite scripting via e-mail within Internet Explorer...
CommuniGate Pro WebMail w/ MSIE STYLE Tag XSS
According to its banner, the version of CommuniGate Pro running on the remote host fails to completely sanitize email messages, when using Internet Explorer IE. A remote attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user's browser to be evaluated with...
CommuniGate Pro 5.1.8 - Web Mail HTML Injection
CommuniGate Pro 5.1.8 - Web Mail HTML Injection source: https://www.securityfocus.com/bid/23950/info CommuniGate Pro is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to execute HTML and script co...
CommuniGate Pro 5.1.8 - Web Mail HTML Injection
source: https://www.securityfocus.com/bid/23950/info CommuniGate Pro is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal...
CommuniGate Pro Webmail 4.0.6 Session Hijacking Exploit
No description provided by source. !/usr/bin/perl Below is exploit code. Place it into cgi-bin, then recommended make symlink from DocumentRoot/AnyImage.gif to shj.pl, configure at least $url variable, and possible other vars and send victim HTML message with img src to your AnyImage.gif. When...
CVE-2006-3477
Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service server crash via unspecified vectors involving opening an empty inbox...
CVE-2006-3477
Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service server crash via unspecified vectors involving opening an empty inbox...
CVE-2006-3477
The CVE-2006-3477 issue affects the POP service in CommuniGate Pro up to version 5.1c1, where remote attackers can cause a denial of service (server crash) by triggering an empty-inbox condition. The root cause and exact vectors are not detailed in the description; exploitation is remote and aims...
CommuniGate Pro < 5.1c2 POP3 Overflow
Binary data 3679.prm...
CommuniGate Pro POP Service Empty Inbox Remote DoS
According to its banner, the version of CommuniGate Pro running on the remote host will crash when certain mail clients try to open an empty mailbox. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid21917;...
Communigate Pro mail server DoS
Server crash on empty mailbox access with malformed client...
Multiple Stalker Communigate Pro / IBM Lotus Domino / Sun directory server / IBM Tivoli vulnerabilities
Multiple LDAP server vulnerabilities...
CommuniGate Pro Server < 5.0.8 LDAP Module Field Handling Remote DoS
The remote host appears to be running CommuniGate Pro, a commercial email and groupware application. The version of CommuniGate Pro installed on the remote host includes an LDAP server that fails to handle requests with Distinguished Names DNs that contain too many elements. A user can leverage...
Code injection
The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service application crash via LDAP messages that contain Distinguished Names DN fields with a large number of elements...
CVE-2006-0566
The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service application crash via LDAP messages that contain Distinguished Names DN fields with a large number of elements...