Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Japan Vulnerability Notes
Japan Vulnerability Notesadded 2013/04/04 12:0 a.m.39 views

JVN#04288738: Active! mail vulnerable to information disclosure

Active! mail provided by TransWARE is a webmail software. Active! mail contains an information disclosure vulnerability. Impact If the "external public interface" is enabled, an attacker who can log into the server may obtain users credentials. Solution Restrict log-in to the server Allow...

1.9CVSS6.1AI score0.00062EPSS
Exploits0
NVD
NVDadded 2009/12/17 6:30 p.m.13 views

CVE-2009-4354

TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not properly secure the session ID in a session cookie, which allows remote attackers to hijack web sessions, probably related to the "secure" flag for cookies in SSL sessions...

5.8CVSS6.7AI score0.00285EPSS
Exploits0References4
Cvelist
Cvelistadded 2009/12/17 6:0 p.m.17 views

CVE-2009-4353

The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0911, does not remove the session ID in a Referer URL, which allows remote attackers to hijack web sessions via vectors such as an email with an embedded URL...

6.7AI score0.00357EPSS
Exploits0References5
Rows per page
Query Builder