Kerio Mail Server Multiple Cross Site Scripting vulnerabilities

Kerio Mail Server is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Kerio MailServer/Connect Detection (HTTP, SMTP, POP3, IMAP, NNTP)

This script will detect the version of Kerio MailServer or Connect on the remote host. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-5769

Multiple cross-site scripting XSS vulnerabilities in Kerio MailServer before 6.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 folder parameter to mailCompose.php or the 2 daytime parameter to calendarEdit.php. NOTE: some of these details are obtained from third party...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kerio MailServer before 6.6.2 allow remote attackers to inject arbitrary web script or HTML via the 1 folder parameter to mailCompose.php or the 2 daytime parameter to calendarEdit.php. NOTE: some of these details are obtained from third party...

CVE-2008-5769

CVE-2008-5769 concerns Kerio MailServer prior to 6.6.2, with multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML via the folder parameter to mailCompose.php or the daytime parameter to calendarEdit.php. The NVD/OpenVAS recor...

CVE-2008-5760

Cross-site scripting XSS vulnerability in error413.php in Kerio MailServer before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via the sent parameter. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in error413.php in Kerio MailServer before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via the sent parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-5760

CVE-2008-5760 corresponds to multiple cross-site scripting vulnerabilities in Kerio MailServer prior to 6.6.2, as documented by OpenVAS entries and NVD. The XSS flaws affect the Kerio MailServer web interface, with the explicit issue noted as an XSS in error413.php via the sent parameter, contrib...

CVE-2008-5760

Cross-site scripting XSS vulnerability in error413.php in Kerio MailServer before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via the sent parameter. NOTE: some of these details are obtained from third party information...

Gentoo Security Advisory GLSA 200812-16 (dovecot)

The remote host is missing updates announced in advisory GLSA 200812-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200812-16 (dovecot)

The remote host is missing updates announced in advisory GLSA 200812-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Kerio MailServer < 6.6.2 (KSEC-2008-12-16-01) Multiple XSS

Binary data 4797.prm...

Kerio MailServer < 6.6.2 Multiple XSS (KSEC-2008-12-16-01)

According to its banner, the remote host is running a version of Kerio MailServer prior to 6.6.2. Multiple files in such versions are reportedly affected by cross-site scripting vulnerabilities. - The application fails to sanitize input to the parameter 'folder' of the 'mailCompose.php' script as...

Kerio WebMail < 5.7.7 Multiple Vulnerabilities

Kerio MailServer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Tenable Network Security & David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Kerio WebMail v5 multiple flaws

The remote host is running version 5 of the Kerio MailServer. There are multiple flaws in this interface which may allow an attacker with a valid webmail account on this host to obtain a shell on this host or to perform a cross-site-scripting attack against this host with version prior to 5.6.4...

Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability

The Mercur IMAP4 Service is running on the remote host. Description : A version of Mercur Mailserver or Messaging Server is installed on the remote host. It is a complete messaging solution including common functions like 'smtp/pop3/imap4-server'. The Mercur IMAP4 Service is vulnerable to buffer...

Mercur Mailserver/Messaging <= 5.0 IMAP Overflow Vulnerability

The Mercur IMAP4 Service running on the host is vulnerable to buffer overflows by sending a special crafted SPDX-FileCopyrightText: 2008 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

Design/Logic Flaw

Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs...

CVE-2008-0860

Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs...

CVE-2008-0858

Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors...