90 matches found
EUVD-2005-0846
Malware in sbrugna...
EUVD-2005-0847
Malware in sbrugna...
CVE-2024-11990
A Cross-Site Scripting XSS vulnerability in SurgeMail v78c2 could allow an attacker to execute arbitrary JavaScript code via an elaborate payload injected into vulnerable parameters...
CVE-2024-11990 Cross-Site Scripting (XSS) en SurgeMail de NetWin
A Cross-Site Scripting XSS vulnerability in SurgeMail v78c2 could allow an attacker to execute arbitrary JavaScript code via an elaborate payload injected into vulnerable parameters...
CVE-2024-11990 Cross-Site Scripting (XSS) en SurgeMail de NetWin
A Cross-Site Scripting XSS vulnerability in SurgeMail v78c2 could allow an attacker to execute arbitrary JavaScript code via an elaborate payload injected into vulnerable parameters...
SurgeMail Detection (IMAP)
IMAP based detection of SurgeMail. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
SurgeMail Detection (SMTP)
SMTP based detection of SurgeMail. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.148164";...
SurgeMail Detection (POP3)
POP3 based detection of SurgeMail. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
SurgeMail Detection (HTTP)
HTTP based detection of SurgeMail. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
surgemail 6.0a4 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SurgeMail Version: 6.0a4 Vendor Site: http://www.netwinsite.com Software Download: http://netwinsite.com/download.htm Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Respon...
SurgeMail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28377/info SurgeMail is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. Successfully exploiting this issue may allow remote attackers to execute...
NetWin SurgeMail 1.8/1.9/2.0,WebMail 3.1 Error Message Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10483/info SurgeMail/WebMail is prone to multiple vulnerabilities. These issue result from insufficient sanitization of user-supplied data. The issues can allow an attacker to carry out path disclosure and cross-site...
NetWin SurgeMail 1.8/1.9/2.0,WebMail 3.1 Login Form XSS
No description provided by source. source: http://www.securityfocus.com/bid/10483/info SurgeMail/WebMail is prone to multiple vulnerabilities. These issue result from insufficient sanitization of user-supplied data. The issues can allow an attacker to carry out path disclosure and cross-site...
SurgeMail and WebMail <= 3.0 - 'Page' Command Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27990/info SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier argument of a...
SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27992/info SurgeMail is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows remote attackers to execute arbitrary machin...
XSS vulnerability in swfupload in ExpressionEngine
Hello 3APA3A! Here is information about Cross-Site Scripting vulnerability in swfupload in ExpressionEngine. After publication of my advisory XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony http://securityvulns.ru/docs28761.html and after...
XSS vulnerability in swfupload in TinyMCE, SPIP, Radiant CMS, AionWeb, Liferay Portal, SurgeMail, symfony
Hello 3APA3A! I will draw your attention to XSS vulnerability in other web applications with swfupload. Earlier I've wrote about swfupload in AionWeb, Magento, Liferay Portal, SurgeMail, symfony and that this hole is available in many other web applications. In previous letters I've wrote...
XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony.
Hello 3APA3A! I will draw your attention to XSS vulnerability in other web applications with swfupload. Earlier I've wrote about swfupload in Dotclear, InstantCMS, AionWeb, Dolphin and that this hole is available in many other web applications. In previous letter I've wrote concerning web...
AionWeb, Magento, Liferay Portal, SurgeMail, symfony XSS vulnerability
Exploit for php platform in category web applications I will draw your attention to XSS vulnerability in other web applications with swfupload. Earlier I've wrote about swfupload in Dotclear, XenForo, InstantCMS, AionWeb, Dolphin and that this hole is available in many other web applications. In...
CVE-2012-2575
NetWin SurgeMail 6.0a4 is affected by a Cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message. This is triggered by HTML emails, enabling script execution in som...