12 matches found
EUVD-2004-1099
Malware in sbrugna...
CVE-2004-1101
mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service server crash, leak sensitive pathname information in the resulting error message, and execute a cross-site scripting XSS attack via an HTTP request that contains a / backslash and...
CVE-2004-1101
mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service server crash, leak sensitive pathname information in the resulting error message, and execute a cross-site scripting XSS attack via an HTTP request that contains a / backslash and...
CVE-2004-1100
Cross-site scripting XSS vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter...
TIPS MailPost append Parameter XSS
TIPS MailPost, a web application used for emailing HTML form data to a third party, is installed on the remote host. The version of MailPost hosted on the remote web server has a cross-site scripting vulnerability in the 'append' variable of mailpost.exe when debug mode is enabled. Debug mode is...
MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename
Overview A cross-site scripting vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions. Description According to a report by ProCheckUp, MailPost is vulnerable to a Cross-Site Scripting attack by adding a trailing '/' character to the executable filename. The...
MailPost vulnerable to cross-site scripting in the 'append' variable passed to the file as part of an HTTP GET request
Overview A cross-site scripting vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions. Description According to a report by ProCheckUp, MailPost is vulnerable to a Cross-Site Scripting attack via the 'append' variable. The 'append variable is passed as part ...
TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting
TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute...
TIPS MailPost 5.1.1 - APPEND Cross-Site Scripting
TIPS MailPost 5.1.1 - APPEND Cross-Site Scripting source: https://www.securityfocus.com/bid/11596/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitra...
MailPost discloses sensitive system information when operating in debug mode
Overview A vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions that may permit a remote attacker to gain sensitive information about the server configuration and environment.. Description According to the ProCheckUp report, MailPost contains a vulnerabilit...
MailPost vulnerable file system information disclosure via HTTP GET request
Overview A vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions that may permit a remote attacker to verify the existance of files anywhere on the local system. Description According to the ProCheckUp report, MailPost contains a vulnerability that may permi...
TIPS MailPost 5.1.1 - Error Message Cross-Site Scripting
source: https://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and script code in a user's browser throug...