CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2019/03/12 8:29 p.m.•1 views

CVE-2019-9558

Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting XSS via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe...

6.1CVSS6.3AI score0.00211EPSS

NVD•added 2019/03/12 8:29 p.m.•7 views

CVE-2019-9558

6.1CVSS6.1AI score0.00211EPSS

Prion•added 2019/03/12 8:29 p.m.•9 views

Cross site scripting

4.3CVSS6AI score0.00211EPSS

CVE•added 2019/03/12 8:0 p.m.•29 views

CVE-2019-9558

Mailtraq WebMail 2.17.7.3550 is affected by a Persistent Cross Site Scripting (XSS) vulnerability that can be triggered when a user opens an email containing malicious Javascript inserted as an iframe in the email body. The issue is server-side processing of email content that leads to XSS, enabl...

6.1CVSS6AI score0.00211EPSS

Cvelist•added 2019/03/12 8:0 p.m.•11 views

CVE-2019-9558

6.1AI score0.00211EPSS

Packet Storm•added 2019/03/04 12:0 a.m.•62 views

Mailtraq WebMail 2.17.7.3550 Cross Site Scripting

Exploit Title: Persistent Cross Site Scripting XSS - Mailtraq WebMail version 2.17.7.3550 CVE: CVE-2019-9558 Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: http://www.mailtraq.com/mail-server-software Category: webapps Attack Type: Remote Impact:...

6.4AI score0.00211EPSS

Exploits2

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Mailtraq 2.2 Browse.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7813/info Mailtraq is vulnerable to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of HTTP requests to the vulnerable Mailtraq server. An attacker can exploit this vulnerability by...

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Fastraq Mailtraq 1.1.4 - Multiple Path Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1278/info A remote user may browse any known directory on a host running Fastraq Mailtraq 1.1.4 by making a URL request that includes the '../' string. In addition, requesting a URL appended with ../ and an unusually long...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Mailtraq 2.x Administration Console Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11708/info Mailtraq allows a user to activate the Mailtraq administration console software by easily launching the software from an icon in the Windows system tray. It is reported that a local user may exploit the...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

mailtraq 2.17.3.3150 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: MailTraq Version: 2.17.3.3150Mar 5th, 2012 Vendor Site: http://www.mailtraq.com/ Software Download: http://www.mailtraq.com/30day Timeline: 29 May 2012: Vulnerability reported to CERT 30 May...

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Mailtraq 2.2 Webmail Utility Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7815/info A vulnerability has been reported for Mailtraq that may result in the disclosure of path information. The vulnerability exists due to insufficient sanitization of HTTP requests. Specifically, a request for...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Mailtraq 2.1 .0.1302 User Password Encoding Weakness

No description provided by source. source: http://www.securityfocus.com/bid/7923/info It has been reported that Mailtraq does not securely store passwords. Because of this, an attacker may have an increased chance at gaining access to clear text passwords. !/usr/bin/perl $Password = $ARGV0; print...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

Mailtraq 2.1 .0.1302 Remote Format String SMTP Resource Consumption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7926/info It has been reported that Mailtraq does not reliably handle format strings in some SMTP protocol fields. This may cause a system to become unstable and crash, allowing a remote attacker to deny service to the...

NVD•added 2012/09/19 10:57 a.m.•7 views

CVE-2012-2586

4.3CVSS5.7AI score0.00342EPSS

Prion•added 2012/09/19 10:57 a.m.•11 views

Cross site scripting

4.3CVSS6AI score0.00342EPSS

Cvelist•added 2012/09/19 10:0 a.m.•9 views

CVE-2012-2586

5.7AI score0.00342EPSS

CVE•added 2012/09/19 10:0 a.m.•39 views

CVE-2012-2586

CVE-2012-2586 affects Mailtraq 2.17.3.3150 with multiple XSS vulnerabilities. The issue arises from failure to sanitize untrusted input in email content and headers, enabling remote injection of scripts via: (1) subject, (2) body payloads (IFRAME SRC, data: URL in META CONTENT, IMG STYLE CSS expr...

4.3CVSS5.8AI score0.00342EPSS