14 matches found
EUVD-2002-0407
Malware in sbrugna...
EUVD-2002-0408
Malware in sbrugna...
AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
AeroMail is prone to multiple remote vulnerabilities, including: 1. A cross-site scripting vulnerability. 2. Multiple HTML-injection vulnerabilities. 3. Multiple cross-site request forgery vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a...
AeroMail Detection
This host is running AeroMail, a web-based e-mail client written in PHP. OpenVAS Vulnerability Test $Id: gbaeromaildetect.nasl 5721 2017-03-24 14:42:01Z cfi $ AeroMail Detection Authors: Michael Meyer Copyright: Copyright c 2011 Greenbone Networks GmbH This program is free software; you can...
AeroMail Detection
This host is running AeroMail, a web-based e-mail client written in PHP. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
AeroMail is prone to multiple remote vulnerabilities, including: 1. A cross-site scripting vulnerability. 2. Multiple HTML-injection vulnerabilities. 3. Multiple cross-site request forgery vulnerabilities. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in...
CVE-2002-0411
Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line...
CVE-2002-0410
sendmessage.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded...
CVE-2002-0411
Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line...
CVE-2002-0410
sendmessage.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded...
CVE-2002-0411
AeroMail
CVE-2002-0410
CVE-2002-0410 (AeroMail) affects AeroMail before 1.45. The vulnerability is in send_message.php, allowing remote attackers to read arbitrary server files instead of only uploaded ones by crafting the attachment filename during upload. This is caused by improper handling of file path/filename duri...
AeroMail multiple vulnerabilities
AeroMail multiple vulnerabilities PROGRAM: AeroMail VENDOR: Mark Cushman [email protected] HOMEPAGE: http://the.cushman.net/projects/aeromail/ MIRROR: http://www.packetplay.com/projects/aeromail/ VULNERABLE VERSIONS: all versions below 1.45 SEVERITY: medium to high DESCRIPTION: "AeroMail is a...
Многочисленные ошибки в AeroMail (multiple bugs)
Обратный путь в каталогах, межсайтовый скриптинг...