8 matches found
EUVD-2003-0117
Malware in sbrugna...
Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
MIME-Version: 1.0 Content-Type: multipart/related; type="text/html"; boundary="----MultipartBoundary--" CVE-2017-5124 ------MultipartBoundary-- Content-Type: application/xml; ------MultipartBoundary-- Content-Type: text/html Content-Location: https://google.com alert'Location origin:...
Anchor CMS 0.9.2 Header Injection
Anchor CMS = 0.9.2 Current Version header injection in anchor/models/comment.php $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'From: notifications@' . $SERVER'HTTPHOST' . "\r\n"; 49: mail$to, 'comments.notifysubject', $message...
Clearswift MailSweeper 4.x Malformed MIME Attachment Filter Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being ...
Microsoft Outlook Express 5/6 Script Execution Weakness
No description provided by source. source: http://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but appears to have...
IncrediMail 5.86 Cross Site Scripting
!/usr/bin/perl -w IncrediMail Xe latest version XSS Vulnerability Discovered by : Bui Quang Minh Description : The most of popular Mail Client now exclude Script Code for mail content. It aims to avoid the type of XSS exploitation For e.g: stolen cookie. IncrediMail also remove Script Code when t...
CVE-2003-0121
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients...
Clearswift MAILsweeper protection bypass
If MIME-Version header is missed or binary encoding is used attachments are not recognized...