45 matches found
NOCC 1.0 - 'error.php?html_error_occurred' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and execute it ...
CVE-2002-2343
Cross-site scripting XSS vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages...
NOCC: XSS
NOCC: XSS PROGRAM: NOCC VENDOR: Olivier Cahagne et al. HOMEPAGE: http://nocc.sourceforge.net/ VULNERABLE VERSIONS: 0.9.5, possibly others IMMUNE VERSIONS: 0.9.5 with my patch applied SEVERITY: high LOGIN REQUIRED: no DESCRIPTION: "NOCC is a simple and fast Web-based e-mail reader which can handle...
NOCC: cross-site-scripting bug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting bug in NOCC: Details - ------- Product: NOCC Affected Version: 0.9.5 and maybe all versions before Immune Version: none, authors are working on it OS affected: all OS with php and mysql Vendor-URL:...
NOCC 0.9.x - Webmail Script Injection
source: https://www.securityfocus.com/bid/4740/info NOCC is a web based email client implemented in PHP4. It includes support for POP3, SMTP and IMAP servers, MIME attachments and multiple languages. A script injection issue has been reported with the way emails are displayed to users of NOCC...