5 matches found
SurgeMail < 4.3g XSS Vulnerability - Active Check
SurgeMail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netwin:surgemail"...
CVE-2010-3201
The CVE-2010-3201 entry concerns NetWin Surgemail (SurgeMail) SurgeWeb Cross‑Site Scripting (XSS) via the username_ex parameter. The vulnerability is described as a remote XSS that allows an attacker to inject arbitrary script/HTML in the SurgeWeb login page, potentially stealing cookies or hijac...
CVE-2010-3201
Cross-site scripting XSS vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the usernameex parameter to the surgeweb program...
NetWin Surgemail XSS vulnerability
Application NetWin Surgemail 4.3e Vendor NetWin - http://netwinsite.com Discovered by Kerem Kocaer [email protected] Problem ------- Cross-site scripting XSS vulnerability in the Surgemail webmail login page /surgemail allows remote attackers to inject arbitrary web script or HTML. Input...
NetWin Surgemail 4.3e Cross Site Scripting
Application NetWin Surgemail 4.3e Vendor NetWin - http://netwinsite.com Discovered by Kerem Kocaer Problem ------- Cross-site scripting XSS vulnerability in the Surgemail webmail login page /surgemail allows remote attackers to inject arbitrary web script or HTML. Input passed to the "usernameex"...