Lucene search
K

101 matches found

CVE
CVE
added 2005/09/02 4:0 a.m.93 views

CVE-2005-2769

CVE-2005-2769 is a cross-site scripting (XSS) flaw in SqWebMail 5.0.4 and possibly other versions. The vulnerability arises when processing HTML emails that contain tags with characters like “>” that are not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML. ...

4.3CVSS5.7AI score0.0273EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2005/09/02 4:0 a.m.40 views

CVE-2005-2769

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain "" or other special characters, which is not properly sanitized by SqWebMail...

4.3CVSS5.7AI score0.0273EPSS
Exploits1
Debian
Debian
added 2005/09/01 10:31 a.m.25 views

[SECURITY] [DSA 793-1] New sqwebmail packages fix cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 793-1 [email protected] http://www.debian.org/security/ Martin Schulze September 1st, 2005 http://www.debian.org/security/faq -...

4.3CVSS6AI score0.01754EPSS
Exploits0
OSV
OSV
added 2005/09/01 12:0 a.m.13 views

DSA-793-1 courier - missing input sanitising

Bulletin has no description...

4.3CVSS6.3AI score0.01754EPSS
Exploits0
Packet Storm
Packet Storm
added 2005/08/31 12:0 a.m.23 views

SqWebMail.txt

====================================================================== Secunia Research 29/08/2005 - SqWebMail HTML Emails Script Insertion Vulnerability - ====================================================================== Table of Contents Affected...

7.4AI score
Exploits0
NVD
NVD
added 2005/08/30 11:45 a.m.15 views

CVE-2005-2724

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer...

4.3CVSS5.5AI score0.01754EPSS
Exploits0References9
OSV
OSV
added 2005/08/30 11:45 a.m.7 views

CVE-2005-2724

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer...

5.4AI score
Exploits0References9
OSV
OSV
added 2005/08/30 11:45 a.m.1 views

DEBIAN-CVE-2005-2724

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer...

4.3CVSS5.7AI score0.01754EPSS
Exploits0References1
CVE
CVE
added 2005/08/29 4:0 a.m.55 views

CVE-2005-2724

CVE-2005-2724 is a cross-site scripting (XSS) vulnerability in SqWebmail: the vulnerability arises from missing input sanitising in the handling of file attachments, allowing an attacker to inject arbitrary script/HTML via the Display feature. The initial description notes SqWebMail 5.0.4 as affe...

4.3CVSS5.4AI score0.01754EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2005/08/29 4:0 a.m.21 views

CVE-2005-2724

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer...

5.4AI score0.01754EPSS
Exploits0References9
exploitpack
exploitpack
added 2005/08/29 12:0 a.m.17 views

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection source: https://www.securityfocus.com/bid/14676/info SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser. This may allow for various attacks including session...

Exploits0
Exploit DB
Exploit DB
added 2005/08/29 12:0 a.m.24 views

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection

source: https://www.securityfocus.com/bid/14676/info SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser. This may allow for various attacks including session hijacking due to the theft of user credentials...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/08/24 12:0 a.m.29 views

[Full-disclosure] Secunia Research: SqWebMail Attached File Script Insertion Vulnerability

====================================================================== Secunia Research 24/08/2005 - SqWebMail Attached File Script Insertion Vulnerability - ====================================================================== Table of Contents Affected...

0.5AI score
Exploits0
Cvelist
Cvelist
added 2005/08/16 4:0 a.m.25 views

CVE-2004-2313

Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...

6.9AI score0.01411EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2005/08/16 4:0 a.m.43 views

CVE-2004-2313

Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...

5CVSS6.7AI score0.01411EPSS
Exploits0
CVE
CVE
added 2005/08/16 4:0 a.m.54 views

CVE-2004-2313

Inter7 SqWebMail 3.4.1–3.6.1 exposes a password-guessing vulnerability: authentication responses differ for incorrect vs. correct passwords on non-mail-enabled accounts (e.g., root), enabling remote attackers to brute-force the root password. The issue is tied to the login error handling and disc...

5CVSS7AI score0.01411EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.13 views

FreeBSD : sqwebmail (2248)

The following package needs to be updated: sqwebmail %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF,...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/05/26 12:0 a.m.40 views

SqWebMail redirect Parameter CRLF Injected XSS

The remote host is running a version of SqWebMail that does not properly sanitize user-supplied input through the 'redirect' parameter. An attacker can exploit this flaw to inject arbitrary HTML and script code into a user's browser to be executed within the context of the affected website. Such...

7.5CVSS5.9AI score0.02284EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2005/04/27 4:0 a.m.44 views

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

7.5CVSS6.3AI score0.02284EPSS
Exploits0
CVE
CVE
added 2005/04/27 4:0 a.m.60 views

CVE-2005-1308

CVE-2005-1308 affects SqWebMail. The vulnerability arises from CRLF sequence handling in the redirect parameter, enabling remote injection of arbitrary HTML/script and likely XSS. Impact described across sources includes attacker-controlled script execution in users’ browsers and potential sessio...

7.5CVSS6.5AI score0.02284EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder