EUVD-2009-2450

Malware in sbrugna...

Design/Logic Flaw

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters...

CVE-2009-2455

Multiple cross-site scripting XSS vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the 1 type and 2 func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

Alt-N WebAdmin < 3.0.3 Multiple Remote Vulnerabilities

Binary data 2572.prm...

Alt-N WebAdmin Multiple Remote Vulnerabilities (XSS, Bypass Access)

The remote host is running Alt-N WebAdmin, a web interface to MDaemon mail server. The remote version of this software is affected by cross-site scripting vulnerabilities due to a lack of filtering on user-supplied input in the file 'usereditaccount.wdm' and the file 'modalframe.wdm'. An attacker...

Alt-N WebAdmin Multiple Vulnerabilities

webadmin.dll was found on the web server. Old versions of this CGI suffered from numerous problems: - installation path disclosure - directory traversal, allowing anybody with administrative permission on WebAdmin to read any file - buffer overflow, allowing anybody to run arbitrary code on the...