CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

EUVD-2005-1311

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2004-2313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts such as...

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

DEBIAN-CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

SqWebMail 3.x/4.0 - HTTP Response Splitting

source: https://www.securityfocus.com/bid/13374/info SQWebmail is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

Courier: Cross-site scripting vulnerability in SqWebMail

Background Courier is an integrated mail and groupware server based on open protocols. It provides ESMTP, IMAP, POP3, webmail, and mailing list services within a single framework. The webmail functionality included in Courier called SqWebMail allows you to access mailboxes from a web browser...

DSA-533 courier - cross-site scripting

Bulletin has no description...

PCL-0002: Session Hijacking in "Sqwebmail"

--------------------------- PUCCIOLAB.ORG - ADVISORIES http://www.pucciolab.org --------------------------- PCL-0002: Session Hijacking in "Sqwebmail" --------------------------------------------------------------------------- PuCCiOLAB.ORG Security Advisories [email protected]...

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

-------------------------------------------------------------------------- Debian Security Advisory DSA 197-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2002 http://www.debian.org/security/faq -...