23 matches found
CVE-2019-19129
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name...
Cross site scripting
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name...
AfterLogic WebMail Pro ASP.NET Account Takeover / XXE Injection
ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely Exploitable: Yes Versions Affected: AfterLogic WebMail...
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure (via XXE Injection)
Exploit for asp platform in category web applications 1. ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely...
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection 1. ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro...
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection
ADVISORY INFORMATION ======================================== Title: AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Application: AfterLogic WebMail Pro ASP.NET Class: Sensitive Information disclosure Remotely Exploitable: Yes Versions Affected: AfterLogic WebMail...
AfterLogic MailBee WebMail Pro 3.x login.php mode Parameter XSS
No description provided by source...
AfterLogic WebMail Pro 4.7.10 Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/36605/info AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...
CVE-2009-4743
Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...
CVE-2009-4743
CVE-2009-4743 affects AfterLogic WebMail Pro versions up to 4.7.10, via XSS in history-storage.aspx. The vulnerability is triggered by specially crafted HistoryStorageObjectName and HistoryKey parameters, allowing remote attackers to inject arbitrary web script/HTML and execute in the victim’s br...
CVE-2009-4743
Multiple cross-site scripting XSS vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 HistoryStorageObjectName and 2 HistoryKey parameters...
AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-...
AfterLogic WebMail Pro Detection
This host is running AfterLogic WebMail Pro, a Webmail front-end for your existing POP3/IMAP mail server. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
AfterLogic WebMail Pro <= 4.7.10 Multiple XSS Vulnerabilities
AfterLogic WebMail Pro is prone to multiple cross-site scripting XSS vulnerabilities because the application fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36605/info AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data...
AfterLogic WebMail Pro 4.7.10 Cross Site Scripting
Security Advisory : Cross-Site Scripting flaw in AfterLogic WebMail Pro Description ------------- AfterLogic WebMail Pro is vulnerable to Cross-Site Scripting, allowing injection of malicious code in the context of the application. Overview ----------- Quote from...
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/36605/info AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...
AfterLogic WebMail Pro 4.7.10 xss
Exploit for unknown platform in category web applications ================================= AfterLogic WebMail Pro 4.7.10 xss ================================= Security Advisory : Cross-Site Scripting flaw in AfterLogic WebMail Pro Description ------------- AfterLogic WebMail Pro is vulnerable to...
AfterLogic WebMail Pro 4.7.10 - Cross-Site Scripting
Security Advisory : Cross-Site Scripting flaw in AfterLogic WebMail Pro Description ------------- AfterLogic WebMail Pro is vulnerable to Cross-Site Scripting, allowing injection of malicious code in the context of the application. Overview ----------- Quote from...