Lucene search
+L

220 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52785

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00388EPSS
Exploits0References3
Gitee
Gitee
added 2025/07/27 4:13 a.m.159 views

Exploit for Cross-site Scripting in Atmail

AWAE/OSWE Preparation for coming AWAE Training. Work in progress... Atmail Mail Server Appliance: from XSS to RCE 6.4 CVE-2012-2593 - https://www.exploit-db.com/exploits/20009 - https://github.com/sourceincite/poc/blob/master/SRC-2016-0012.py ATutor Authentication Bypass and RCE 2.2.1 CVE-2016-25...

10CVSS7.6AI score0.94789EPSS
Exploits18
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.6 views

CVE-2024-24133

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

9.8CVSS8.3AI score0.00637EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.10 views

CVE-2022-30776

atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...

6.1CVSS5.8AI score0.04212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 a.m.12 views

CVE-2017-9517

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV...

8.8CVSS7AI score0.00451EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 a.m.8 views

CVE-2017-9519

atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account...

8.8CVSS6.8AI score0.00451EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:5 a.m.11 views

CVE-2017-9518

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails...

8.8CVSS6.9AI score0.00451EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:25 a.m.11 views

CVE-2017-11617

Cross-site scripting XSS vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes...

6.1CVSS5.9AI score0.01025EPSS
Exploits1References1
NVD
NVD
added 2024/02/07 2:15 p.m.18 views

CVE-2024-24133

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

9.8CVSS9.8AI score0.00637EPSS
Exploits0References1
OSV
OSV
added 2024/02/07 2:15 p.m.5 views

CVE-2024-24133

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

9.8CVSS5.8AI score0.00637EPSS
Exploits0References1
Prion
Prion
added 2024/02/07 2:15 p.m.16 views

Sql injection

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

7.5CVSS8.6AI score0.00637EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/07 12:0 a.m.22 views

CVE-2024-24133

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

10AI score0.00637EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/07 12:0 a.m.6 views

Atmail SQL Injection Vulnerability

Atmail is an email hosting service from Atmail. It is used to ensure a secure, stable, scalable and private customer email platform. An SQL injection vulnerability exists in Atmail version v6.6.0, which stems from an SQL injection vulnerability in the login page...

9.8CVSS7.9AI score0.00637EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/07 12:0 a.m.10 views

CVE-2024-24133

Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page...

8.2AI score0.00637EPSS
Exploits0References1
CVE
CVE
added 2024/02/07 12:0 a.m.55 views

CVE-2024-24133

Affected software: Atmail v6.6.0. Vulnerability: SQL injection via the username parameter on the login page. Root cause: improper handling of the username input leading to SQL injection (high/critical impact). CVSSv3.1 metrics indicate: Network attack vector, no privileges required, user interact...

9.8CVSS9.7AI score0.00637EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/07 12:0 a.m.8 views

PT-2024-20286 · Atmail · Atmail

Name of the Vulnerable Software and Affected Versions: Atmail version 6.6.0 Description: The issue is a SQL injection vulnerability that can be exploited via the username parameter on the login page. Recommendations: For Atmail version 6.6.0, avoid using the username parameter in the login page...

9.8CVSS7.8AI score0.00637EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2023/07/31 12:0 a.m.22 views

Atmail <= 5.62 XSS Vulnerability

Atmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:atmail:atmail"; if...

6.1CVSS6.1AI score0.00388EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/07/27 7:15 p.m.5 views

CVE-2022-31200

Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...

6.1CVSS6.4AI score0.00388EPSS
Exploits0References4
OSV
OSV
added 2023/07/27 7:15 p.m.7 views

CVE-2022-31200

Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...

6.1CVSS5.8AI score0.00388EPSS
Exploits0References2
NVD
NVD
added 2023/07/27 7:15 p.m.19 views

CVE-2022-31200

Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...

6.1CVSS6AI score0.00388EPSS
Exploits0References2
Rows per page
Query Builder