Lucene search
K

273 matches found

Tenable Nessus
Tenable Nessus
added 2020/09/18 12:0 a.m.34 views

McAfee Email Gateway Web Mail User Interface Directory Traversal (SB10329)

The McAfee Email Gateway MEG application running on the remote host is affected by a directory traversal vulnerability in the Web Mail user interface. An authenticated, remote attacker can exploit this issue to traverse the file system to access files or directories that are outside of the...

4.3CVSS5.3AI score0.00979EPSS
Exploits0References2
NVD
NVD
added 2019/11/05 2:15 p.m.39 views

CVE-2013-6365

Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...

5.3CVSS5.2AI score0.01072EPSS
Exploits5References6
CVE
CVE
added 2019/11/05 1:53 p.m.69 views

CVE-2013-6365

The CVE-2013-6365 entry relates to Horde Groupware Webmail 5.1.2 and describes a CSRF vulnerability in which requests to change permissions can be forged. Public references (e.g., Exploit-DB) describe a CSRF flaw in the Change of permissions function due to a missing or insufficient token in the ...

5.3CVSS5.9AI score0.01072EPSS
Exploits5References6Affected Software1
Debian CVE
Debian CVE
added 2019/11/05 1:53 p.m.52 views

CVE-2013-6365

Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...

5.3CVSS5.7AI score0.01072EPSS
Exploits5
Cvelist
Cvelist
added 2019/11/05 1:53 p.m.61 views

CVE-2013-6365

Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions...

5.7AI score0.01072EPSS
Exploits5References6
CNVD
CNVD
added 2018/10/29 12:0 a.m.7 views

Prayer Information Disclosure Vulnerability

Prayer is an IMAP-based Web mail server. An information disclosure vulnerability exists in Prayer that stems from the header.t lack of no-referrer setting. An attacker can exploit this vulnerability to obtain a username...

4.3CVSS4.3AI score0.0084EPSS
Exploits0References1
seebug.org
seebug.org
added 2017/11/07 12:0 a.m.19 views

semcms web_mail multiple sql injection

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/02/17 3:59 p.m.17 views

CVE-2015-1619

Cross-site scripting XSS vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway MEG 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest...

3.5CVSS5.3AI score0.0108EPSS
Exploits0References1
CVE
CVE
added 2015/02/17 3:0 p.m.51 views

CVE-2015-1619

CVE-2015-1619 affects McAfee Email Gateway (MEG) Secure Web Mail Client UI. Multiple sources describe an XSS vulnerability in the UI that permits remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. Affected versions include MEG 7.6.x before...

3.5CVSS5.4AI score0.0108EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.7 views

IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10920/info IceWarp Web Mail is reported prone to multiple input validation vulnerabilities. It is reported that these issues may be exploited by a remote attacker to conduct SQL Injection, Account Manipulation, Cross-site...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

PHP-Nuke 6.0 Web Mail Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

IceWarp Web Mail 5.3 accountsettings_add.html accountid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/12396/info Multiple remote vulnerabilities reportedly affect IceWarp Web Mail. The underlying issues are due to input and access validation errors. Multiple cross-site scripting and HTML injection vulnerabilities affect t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

PHP-Nuke 6.0 Web Mail Remote PHP Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6399/info A vulnerability has been discovered in the PHP-Nuke Web Mail module. When a user opens an email that contains an attachment, the file will be put in a remotely accessible web directory. It has been reported that...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Mirapoint Web Mail Expression() HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20840/info Mirapoint Web Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary JavaScript in the victim's...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

IBM Lotus Domino Notes 6.0/6.5 Mail Template Automatic Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14164/info IBM Lotus Notes email client is prone to an input validation vulnerability. Reports indicate that HTML and JavaScript attached to received email messages is executed automatically when the email message is...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Active Web Mail 4 - (Auth Bypass) Remote SQL Injection Vulnerability

No description provided by source. ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe:Auth Bypass Remote SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Web Mail v 4 author: я3d D3v!L Date: 28.11.2008 Home: www.ahacker.biz contact...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

PSCS VPOP3 2.0 Email Server Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10782/info It is reported that VPOP3 is reported prone to a remote denial of service vulnerability. This issue presents itself when an attacker issues a URI request containing a large value for the 'msglistlen' parameter ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Uebimiau Web-Mail <= 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities

No description provided by source. Uebimiau Webmail = v3.2.0-1.8 Remote File / Overwrite Vulnerabilities Dork : Uebimiau Webmail v3.2.0-1.8 POC : /uebimiau/admin/editor.php?load=config And You Can Write Any Code As ?php passthru$GETcmd; ? After That Click Write To File Go /uebimiau/index.php?cmd=...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure Vulnerability

No description provided by source. ---- Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / //...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Concatus IMate Web Mail Server 2.5 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1286/info Sending an email to a Concatus IMate Web Mail Server 2.5 with a server name consisting of over 1119 characters will cause the application to crash. Restarting the program is required in order to regain normal...

7.1AI score
Exploits0
Rows per page
Query Builder