37 matches found
EUVD-2012-4003
Malware in sbrugna...
EUVD-2006-2680
Malware in sbrugna...
EUVD-2012-4002
Malware in sbrugna...
EUVD-2007-5621
Malware in sbrugna...
EUVD-2007-5599
Malware in sbrugna...
Socketmail <= 2.2.6 (site_path) Remote File Include Vulnerability
No description provided by source. Title: Socketmail = 2.2.6 - Remote File Include Vulnerability ----------------------------------------------------------------- Vendor: Creative Digital Resources URL: http://socketmail.com ----------------------------------------------------------------- Credit...
SocketMail 2.2.1 Lostpwd.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26138/info SocketMail is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
CVE-2012-4059
Cross-site request forgery CSRF vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action...
CVE-2012-4058
Cross-site scripting XSS vulnerability in SocketMail Pro 2.2.9 allows remote attackers to inject arbitrary web script or HTML via the subject of an email...
Cross site scripting
Cross-site scripting XSS vulnerability in SocketMail Pro 2.2.9 allows remote attackers to inject arbitrary web script or HTML via the subject of an email...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action...
CVE-2012-4059
CVE-2012-4059 describes a CSRF vulnerability in SocketMail Pro 2.2.9 affecting the endpoint home/secretqtn.php where an attacker can hijack the authenticated user’s session to change security questions and answers via an upd action. The vulnerability arises from CSRF exposure that allows changing...
CVE-2012-4058
CVE-2012-4058 affects SocketMail Pro 2.2.9 and is a cross-site scripting (XSS) vulnerability that lets remote attackers inject arbitrary web script or HTML via the subject of an email. The referenced sources corroborate the description but do not provide additional exploitation details in the con...
CVE-2012-4059
Cross-site request forgery CSRF vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action...
SocketMail Pro 2.2.9 Cross Site Request Forgery / Cross Site Scripting
Title:SocketMail Pro version 2.2.9 CSRF Cross Site Request Forgery && XSS Cross Site Scripting Author:MetaiZm Software:SocketMail Pro version 2.2.9 Website:http://socketmail.com/ Tested on:Windows XP SP3 Description : Subject xss codes inject and email send - Screen :...
CVE-2007-5649
Cross-site scripting XSS vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lostid parameter...
CVE-2007-5649
CVE-2007-5649 is a Cross-site Scripting (XSS) vulnerability in SocketMail 2.2.1 from Creative Digital Resources, exposed via lostpwd.php and the lost_id parameter. The NVD entry lists CVSS v2.0 base score 4.3 (Medium) with network access, required medium attack complexity, no authentication, and ...
CVE-2007-5649
Cross-site scripting XSS vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lostid parameter...
CVE-2007-5627
PHP remote file inclusion vulnerability in content/fnc-readmail3.php in SocketMail 2.2.8 allows remote attackers to execute arbitrary PHP code via a URL in the SOCKETMAILROOT parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in content/fnc-readmail3.php in SocketMail 2.2.8 allows remote attackers to execute arbitrary PHP code via a URL in the SOCKETMAILROOT parameter...