51 matches found
EUVD-2013-6058
Malware in sbrugna...
EUVD-2012-1927
Malware in sbrugna...
EUVD-2013-2527
Malware in sbrugna...
EUVD-2013-5858
Malware in sbrugna...
AtMail WebMail 4.61 Open Redirect
Title: AtMail WebMail Open Redirect Vulnerability + Date: 2020/03/11 + Author: Lutfu Mert Ceylan + Vendor Homepage: www.atmail.com + Software: Atmail Cloud Hosted Email + Tested on: Windows 10 + Versions: 4.61 and before + Vulnerable Parameter: "redirect" Get Method + Vulnerable File:...
CVE-2012-2593
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
Cross site scripting
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
CVE-2012-2593
Cross-site scripting XSS vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email...
CVE-2012-2593
The connected documentation confirms a concrete issue: Atmail Webmail Server 6.4 has an XSS vulnerability in its administrative interface that can be triggered via the Date field of an email, enabling attackers to inject arbitrary script/HTML. Exploitation is evidenced by linked exploit-publicati...
AtMail Cross-Site Request Forgery Vulnerability (CNVD-2017-09349)
AtMail is an open source WebMail client from the Australian company Atmail , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site request forgery vulnerability exists in Atmail versions prior to 7.8.0.2...
Atmail Webmail Unsupported Version Detection
According to its self-reported version number, the version of Atmail Webmail on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. %NASLMINLEVEL...
Atmail Webmail 7.x < 7.2.2 Multiple Vulnerabilities
According to its version, the Atmail Webmail installed on the remote host is 7.x prior to 7.2.2. It is, therefore, affected by the following vulnerabilities : - An unspecified input validation error exists that allows cross-site scripting attacks XSS. - An unspecified input validation error exist...
Atmail Webmail 7.2 - Multiple Vulnerabilities
No description provided by source. Title: Atmail Webmail =7.2 - Multiple XSS & FPD Date: 01.27.2014 Vendor: atmail.com Version: =7.2 Latest ATM, tested also on 7.1.1 Authors: Smash & Brag / smashatdevilteam.pl PoC: poczta.pl / demo.atmail.com 1. Cross Site Scripting a GET - viewmessageTabNumber...
Atmail Webmail 7.2 - Multiple Vulnerabilities
Title: Atmail Webmail =7.2 - Multiple XSS & FPD Date: 01.27.2014 Vendor: atmail.com Version: =7.2 Latest ATM, tested also on 7.1.1 Authors: Smash & Brag / smashatdevilteam.pl PoC: poczta.pl / demo.atmail.com 1. Cross Site Scripting a GET - viewmessageTabNumber Request:...
Atmail Webmail 4.5.1 (4.51) / 5.x < 5.0.3 (5.03) util.pl Cross-Site Request Forgery
According to its version, the Atmail Webmail install on the remote host is 4.5.1 4.51 or 5.x prior to 5.0.3 5.03. It is, therefore, potentially affected by an input-validate error in the file 'util.pl' that could allow cross-site request forgery XSRF attacks. %NASLMINLEVEL 70300 C Tenable Network...
Atmail Webmail < 6.5.0 'DOM processor' XSS
According to its version, the Atmail Webmail install on the remote host is a version prior to 6.5.0. It is, therefore, potentially affected by an input validation error related to the 'DOM processor' and 'script' tags that could allow cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable...
Atmail Webmail 3.x < 3.6.4 (3.64) Multiple Vulnerabilities
According to its version, the Atmail Webmail install on the remote host is 3.x prior to 3.6.4 3.64. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to the script 'showmail.pl' and the 'Folder' parameter that could allow...
Atmail Webmail 4.x < 4.6.1 (4.61) 'Global.pm' XSS
According to its version, the Atmail Webmail install on the remote host is 4.x prior to 4.6.1 4.61. It is, therefore, potentially affected by an input-validate error in the file 'Global.pm' that could allow cross-site scripting XSS attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Atmail Webmail < 5.4.2 (5.42) Multiple Information Disclosure Vulnerabilities
According to its version, the Atmail Webmail install on the remote host is a version prior to 5.4.2 5.42. It is, therefore, potentially affected by the following vulnerabilities : - A weak permissions error exists related to the files 'webmail/libs/Atmail/Config.php' and...
Atmail Webmail < 6.6.2 Exim Buffer Overflow
According to its version, the Atmail Webmail install on the remote host is a version prior to 6.6.2. It is, therefore, potentially affected by an error in the included Exim component related to the 'dkimeximquerydnstxt' function and DNS record parsing that could allow a buffer overflow and possib...