273 matches found
McAfee Email Gateway Web Mail User Interface Directory Traversal (SB10329)
The McAfee Email Gateway MEG application running on the remote host is affected by a directory traversal vulnerability in the Web Mail user interface. An authenticated, remote attacker can exploit this issue to traverse the file system to access files or directories that are outside of the...
CVE-2013-6365
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...
CVE-2013-6365
The CVE-2013-6365 entry relates to Horde Groupware Webmail 5.1.2 and describes a CSRF vulnerability in which requests to change permissions can be forged. Public references (e.g., Exploit-DB) describe a CSRF flaw in the Change of permissions function due to a missing or insufficient token in the ...
CVE-2013-6365
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...
CVE-2013-6365
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...
Prayer Information Disclosure Vulnerability
Prayer is an IMAP-based Web mail server. An information disclosure vulnerability exists in Prayer that stems from the header.t lack of no-referrer setting. An attacker can exploit this vulnerability to obtain a username...
semcms web_mail multiple sql injection
No description provided by source...
CVE-2015-1619
Cross-site scripting XSS vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway MEG 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest...
CVE-2015-1619
CVE-2015-1619 affects McAfee Email Gateway (MEG) Secure Web Mail Client UI. Multiple sources describe an XSS vulnerability in the UI that permits remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. Affected versions include MEG 7.6.x before...
IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10920/info IceWarp Web Mail is reported prone to multiple input validation vulnerabilities. It is reported that these issues may be exploited by a remote attacker to conduct SQL Injection, Account Manipulation, Cross-site...
PHP-Nuke 6.0 Web Mail Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email...
IceWarp Web Mail 5.3 accountsettings_add.html accountid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/12396/info Multiple remote vulnerabilities reportedly affect IceWarp Web Mail. The underlying issues are due to input and access validation errors. Multiple cross-site scripting and HTML injection vulnerabilities affect t...
PHP-Nuke 6.0 Web Mail Remote PHP Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6399/info A vulnerability has been discovered in the PHP-Nuke Web Mail module. When a user opens an email that contains an attachment, the file will be put in a remotely accessible web directory. It has been reported that...
Mirapoint Web Mail Expression() HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20840/info Mirapoint Web Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary JavaScript in the victim's...
IBM Lotus Domino Notes 6.0/6.5 Mail Template Automatic Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14164/info IBM Lotus Notes email client is prone to an input validation vulnerability. Reports indicate that HTML and JavaScript attached to received email messages is executed automatically when the email message is...
Active Web Mail 4 - (Auth Bypass) Remote SQL Injection Vulnerability
No description provided by source. ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe:Auth Bypass Remote SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Web Mail v 4 author: я3d D3v!L Date: 28.11.2008 Home: www.ahacker.biz contact...
PSCS VPOP3 2.0 Email Server Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10782/info It is reported that VPOP3 is reported prone to a remote denial of service vulnerability. This issue presents itself when an attacker issues a URI request containing a large value for the 'msglistlen' parameter ...
Uebimiau Web-Mail <= 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities
No description provided by source. Uebimiau Webmail = v3.2.0-1.8 Remote File / Overwrite Vulnerabilities Dork : Uebimiau Webmail v3.2.0-1.8 POC : /uebimiau/admin/editor.php?load=config And You Can Write Any Code As ?php passthru$GETcmd; ? After That Click Write To File Go /uebimiau/index.php?cmd=...
Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure Vulnerability
No description provided by source. ---- Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / //...
Concatus IMate Web Mail Server 2.5 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1286/info Sending an email to a Concatus IMate Web Mail Server 2.5 with a server name consisting of over 1119 characters will cause the application to crash. Restarting the program is required in order to regain normal...