Atmail Webmail 4.5.1 (4.51) / 5.x < 5.0.3 (5.03) util.pl Cross-Site Request Forgery

According to its version, the Atmail Webmail install on the remote host is 4.5.1 4.51 or 5.x prior to 5.0.3 5.03. It is, therefore, potentially affected by an input-validate error in the file 'util.pl' that could allow cross-site request forgery XSRF attacks. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2006-6701

Cross-site request forgery CSRF vulnerability in util.pl in @Mail WebMail 4.51, and util.php in 5.x before 5.03, allows remote attackers to modify arbitrary settings and perform unauthorized actions as an arbitrary user, as demonstrated using a settings action in the SRC attribute of an IMG eleme...

CVE-2004-2379

Multiple cross-site scripting XSS vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via 1 the Displayed Name attribute in util.pl and 2 the Folder attribute in showmail.pl...