17 matches found
EUVD-2004-2305
Malware in sbrugna...
EUVD-2007-0556
Malware in sbrugna...
EUVD-2001-0972
Malware in sbrugna...
inter7.com XSS vulnerability
Vulnerable URL: http://www.inter7.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1268416 V...
qmailadmin 1.0.x Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on...
Vpopmail/QmailAdmin User's Quota Multiple Integer Overflows
Author: Jacobo Avariento Gimeno Sofistic S.L. Contact: jacobo at sofistic.net Release Date: May 8, 2009 CVE/bugtraq id: Not assigned yet Severity: Low/Medium Vendor's Description of Software: ------------------------------------------------------------------------------------- „Vpopmail is a free...
Remote file inclusion
PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULESDIR parameter...
CVE-2007-0558
PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULESDIR parameter...
CVE-2007-0558
This CVE (CVE-2007-0558) affects Inter7 vHostAdmin 1.0. A PHP remote file inclusion flaw exists in modules/mail/main.php triggered by a URL in the MODULES_DIR parameter, allowing remote attackers to execute arbitrary PHP code. The vulnerability resides in the MODULES_DIR handling and can enable a...
CVE-2004-2313
Inter7 SqWebMail 3.4.1–3.6.1 exposes a password-guessing vulnerability: authentication responses differ for incorrect vs. correct passwords on non-mail-enabled accounts (e.g., root), enabling remote attackers to brute-force the root password. The issue is tied to the login error handling and disc...
CVE-2004-2313
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...
CVE-2004-2313
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...
CVE-2004-2313
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as root, which allows remote attackers to guess the root password via brute force attacks...
PCL-0002: Session Hijacking in "Sqwebmail"
--------------------------- PUCCIOLAB.ORG - ADVISORIES http://www.pucciolab.org --------------------------- PCL-0002: Session Hijacking in "Sqwebmail" --------------------------------------------------------------------------- PuCCiOLAB.ORG Security Advisories [email protected]...
CVE-2001-0990
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, stores authentication data in cleartext inside the libvpopmail.a library. This enables local users to recover MySQL credentials by inspecting vpopmail programs linked against the library. Affected component: vpopmail (MySQL module)...
CVE-2001-0990
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library...
Inter7 vpopmail (vchkpw) 3.4.11 - Local Buffer Overflow
Inter7 vpopmail vchkpw 3.4.11 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/942/info Vpopmail vchkpw is free GPL software package built to help manage virtual domains and non /etc/passwd email accounts on Qmail mail servers. This package is developed by Inter7 Referenced in...