Lucene search
K

75 matches found

CNNVD
CNNVD
added 2021/03/04 12:0 a.m.5 views

AfterLogic Aurora 路径遍历漏洞

Afterlogic Aurora is a set of U.S. Afterlogic Inc. using PHP language written in the enterprise mail server platform. The platform includes features such as e-mail, file storage and address book management. A path traversal vulnerability exists in AfterLogic Aurora through 8.5.3 and WebMail Pro...

9.8CVSS8.3AI score0.0711EPSS
Exploits2References2
OSV
OSV
added 2019/11/26 4:15 p.m.2 views

CVE-2019-19129

Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name...

6.1CVSS6.4AI score0.00802EPSS
Exploits0References2
Prion
Prion
added 2019/11/26 4:15 p.m.14 views

Cross site scripting

Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name...

4.3CVSS6AI score0.00802EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2019/11/26 3:25 p.m.50 views

CVE-2019-19129

Technical details about CVE-2019-19129 are not publicly provided in the connected documents; no root cause, affected components, or fixes are disclosed. Monitor for updates.

6.1CVSS5.9AI score0.00802EPSS
Exploits0References2Affected Software2
seebug.org
seebug.org
added 2016/05/30 12:0 a.m.33 views

AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/05/24 12:0 a.m.57 views

AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection

ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely Exploitable: Yes Versions Affected: AfterLogic WebMail...

0.6AI score
Exploits0
0day.today
0day.today
added 2016/05/24 12:0 a.m.37 views

AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure (via XXE Injection)

Exploit for asp platform in category web applications 1. ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/05/24 12:0 a.m.27 views

AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection

AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection 1. ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/24 12:0 a.m.45 views

AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection

ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely Exploitable: Yes Versions Affected: AfterLogic WebMail...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

MailBee WebMail Pro 3.4 Check_login.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23481/info MailBee WebMail Pro is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

AfterLogic MailBee WebMail Pro 3.x default.asp mode2 Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25942/info MailBee WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-bas...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

AfterLogic WebMail Pro 4.7.10 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/36605/info AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

AfterLogic MailBee WebMail Pro 3.x login.php mode Parameter XSS

No description provided by source...

7.1AI score
Exploits0
Prion
Prion
added 2010/03/26 8:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...

4.3CVSS6.1AI score0.01537EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2010/03/26 8:30 p.m.26 views

CVE-2009-4743

Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...

4.3CVSS5.8AI score0.01537EPSS
Exploits1References5
CVE
CVE
added 2010/03/26 8:0 p.m.52 views

CVE-2009-4743

CVE-2009-4743 affects AfterLogic WebMail Pro versions up to 4.7.10, via XSS in history-storage.aspx. The vulnerability is triggered by specially crafted HistoryStorageObjectName and HistoryKey parameters, allowing remote attackers to inject arbitrary web script/HTML and execute in the victim’s br...

4.3CVSS5.9AI score0.01537EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2010/03/26 8:0 p.m.32 views

CVE-2009-4743

Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...

5.8AI score0.01537EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2009/10/20 12:0 a.m.24 views

AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities

AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-...

4.3CVSS6.6AI score0.01537EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/10/20 12:0 a.m.25 views

AfterLogic WebMail Pro <= 4.7.10 Multiple XSS Vulnerabilities

AfterLogic WebMail Pro is prone to multiple cross-site scripting XSS vulnerabilities because the application fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

4.3CVSS7AI score0.01537EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/10/20 12:0 a.m.18 views

AfterLogic WebMail Pro Detection

This host is running AfterLogic WebMail Pro, a Webmail front-end for your existing POP3/IMAP mail server. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.9AI score
Exploits0References1
Rows per page
Query Builder