Lucene search
K

136 matches found

exploitpack
exploitpack
added 2006/12/04 12:0 a.m.13 views

Inside Systems Mail 2.0 - error.php Cross-Site Scripting

Inside Systems Mail 2.0 - error.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21424/info Inside Systems Mail is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/10/11 12:0 a.m.12 views

Kmail 1.9.1 - IMG SRC Remote Denial of Service

Kmail 1.9.1 - IMG SRC Remote Denial of Service nnp at silenthack.co.uk http://silenthack.co.uk Kmail tag. HTML parsing must be enabled for this. This can be done by going to Settings - Configure Kmail -Security - and tick Prefer HTML to Plain Text. Copy the following into your local...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/08/17 9:0 p.m.21 views

CVE-2006-4210

numail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when registerglobals is enabled, allows remote attackers to use the server as an open mail relay via modified mailtext2, userrow5, numail1, and shopmail parameters. NOTE: some of these details are obtained from third party information...

6.7AI score0.01996EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2006/06/26 12:0 a.m.34 views

v3chatIM.txt

V3 Chat Instant Messenger http://www.v3chat.com/ Affected files: /mail/index.php /mail/reply.php isonline.php online.php profile.php profileview.php search.php mycontacts.php expire.php Editing your profile: - input boxes ------------------------------------------ Mail Vulnerabilities: Full path...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2006/02/24 10:0 p.m.24 views

CVE-2006-0884

The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...

9.3CVSS6.1AI score0.07066EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/11/30 12:0 a.m.16 views

Mercury Mail Remote IMAP Stack Buffer Overflow (deprecated)

Binary data 2438.prm...

10CVSS7.3AI score0.72459EPSS
Exploits8References1
Exploit DB
Exploit DB
added 2003/06/10 12:0 a.m.27 views

Mandrake Linux 8.2 - '/usr/mail' Local Overflow

!/usr/bin/perl Mandrake 8.2 /usr/mail local exploit Usage: perl d86mail.pl offset Then enter "." dot and press 'Enter' Example: satan@localhost my$ perl d86mail.pl eip: 0xbffffddd .enter Cc: too long to edit sh-2.05$ $shellcode = "\x31\xdb\x89\xd8\xb0\x17\xcd\x80"...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2003/03/17 12:0 a.m.29 views

outblaze.txt

========================================== INetCop Security Advisory 2003-0x82-014.b ========================================== Title: ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!! 0x01. Description Hackermail.com Outblaze Web based e-mail is mail service that I...

7.4AI score
Exploits0
NVD
NVD
added 2003/02/11 5:0 a.m.11 views

CVE-2003-1080

Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users...

1.2CVSS6.2AI score0.00298EPSS
Exploits0References5
exploitpack
exploitpack
added 2002/07/24 12:0 a.m.14 views

Pegasus Mail 4.0 1 - Message Header Buffer Overflow

Pegasus Mail 4.0 1 - Message Header Buffer Overflow source: https://www.securityfocus.com/bid/5302/info Pegasus Mail is an email client for Microsoft Windows and DOS based systems. A buffer overflow vulnerability has been reported in some versions of Pegasus Mail. Reportedly, Pegasus is vulnerabl...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2002/04/24 12:0 a.m.12 views

Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service

Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service source: https://www.securityfocus.com/bid/4584/info A denial of service issue has been reported in Microsoft Outlook Express. Reportedly, Outlook Express does not adequately handle unusually crafted HTML mail messages...

7.3AI score
Exploits0
CVE
CVE
added 2002/04/12 4:0 a.m.47 views

CVE-2002-0041

CVE-2002-0041 affects SGI Mail for IRIX 6.5 through 6.5.15f (and possibly earlier) and is triggered when the -R option is used, allowing local and remote attackers to cause a core dump. The available sources identify the affected software as Mail for SGI IRIX and describe the vulnerability as a f...

5CVSS7AI score0.01632EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2000/10/23 12:0 a.m.25 views

Avirt Mail 4.0/4.2 - 'Mail From:' / 'Rcpt to:' Denial of Service

// source: https://www.securityfocus.com/bid/1825/info Due to insufficient bounds checking in the code that handles the fields 'MAIL FROM:' and 'RCPT TO:', it is possible to remotely crash Avirt Mail. Entering over 272 characters into the 'RCPT TO:' field will crash the application upon terminati...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/10/03 12:0 a.m.11 views

David Harris Pegasus Mail 3.12 - File Forwarding

David Harris Pegasus Mail 3.12 - File Forwarding source: https://www.securityfocus.com/bid/1738/info It is possible for a malicious website operator to obtain copies of known files on a remote system if a website visitor is running Pegasus Mail client. If the following code were to be inserted in...

0.2AI score
Exploits0
NVD
NVD
added 1999/12/22 5:0 a.m.18 views

CVE-2000-0036

Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability...

5CVSS6.4AI score0.03922EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/09/19 12:0 a.m.28 views

solaris_bof.txt

Subject: Solaris 2.7 /usr/bin/mail To: [email protected] Greetings, There is a possible buffer overflow vulnerability in Solaris 2.7's sgid mail /usr/bin/mail. The reason it's only a possibility and not a full blow exploit is that mail drops sgid privs before the overflow occurs. However ...

0.1AI score
Exploits0
Rows per page
Query Builder