Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/01/20 12:0 a.m.31 views

SmarterMail Email正文HTML注入漏洞

Bugtraq ID:64970 SmarterMail是一款邮件服务程序。 SmarterMail不正确过滤Email正文数据,允许远程攻击者利用漏洞构建恶意邮件,诱使用户解析,当恶意数据被查看时可获取敏感信息或者劫持用户会话。 0 SmarterMail 11.x 目前没有详细解决方案提供: http://www.smartertools.com/smartermail/mail-server-software.aspx ?php / Exploit Title: SmarterMail Enterprise and Standard =11.x Stored XSS Google...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/01/17 12:0 a.m.37 views

SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting

Click Me, Please...\r\n NOTE: javascript html char encode = then you will be able to get into the victim's mailbox via the url: http://WebSite/Smarter/Default.aspx I used phpmailer class for beside of the exploit so you need to download it here and run...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/01/15 12:0 a.m.56 views

SmarterMail 11.x Cross Site Scripting

Click Me, Please...\r\n NOTE: javascript html char encode = javaScRipt then you will be able to get into the victim's mailbox via the url: http://WebSite/Smarter/Default.aspx I used phpmailer class for beside of the exploit so you need to download it here and run the exploit in the phpmailer...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/08/20 12:0 a.m.31 views

Hupa Webmail 0.0.2 Stored XSS

Exploit for java platform in category web applications !/usr/bin/python ''' Exploit Title: Hupa Webmail Stored XSS Date: 14/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://james.apache.org/hupa/ Software Link:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/08/16 12:0 a.m.31 views

Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Exploit Title: Roundcube Webmail Stored XSS. Date: 14/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://roundcube.net Software Link: http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.8.0/roundcubemail-0.8.0.tar.gz/download Version: 0.8.0...

7.4AI score
Exploits0
NVD
NVD
added 2012/08/12 9:55 p.m.16 views

CVE-2012-2573

Multiple cross-site scripting XSS vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

4.3CVSS5.7AI score0.01343EPSS
Exploits1References1
Cvelist
Cvelist
added 2012/08/12 9:0 p.m.26 views

CVE-2012-2590

Multiple cross-site scripting XSS vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted SRC attribute of an IFRAME element, 3 a crafted CONTENT attribute of an...

5.7AI score0.01319EPSS
Exploits2References1
Rows per page
Query Builder