2 matches found
CVE-2006-4951
Neon WebMail for Java before 5.08 is vulnerable to remote code execution: an attacker can send an email containing a JSP attachment that is stored under the web root with a predictable filename, allowing execution of arbitrary Java (JSP) code on the server. The affected component is Neon WebMail ...
CVE-2006-4951
Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java JSP code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename...