55 matches found
EUVD-2005-0846
Malware in sbrugna...
EUVD-2001-1264
Malware in sbrugna...
EUVD-2005-1285
Malware in sbrugna...
EUVD-2001-1275
Malware in sbrugna...
Exploit for CVE-2025-49113
CVE-2025-49113 – Roundcube 1.6.10 Authenticated Remote Code Ex...
Webmin Usermin 安全漏洞
Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail, and more. A security vulnerability exists in Webmin Usermin version 2.100, which stems from a discrepancy in the error message for the presence of an invalid login attempt,...
CVE-2021-22129
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically...
Horde IMP 2.2.x Session Hijacking Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3525/info IMP is a powerful web-based mail interface/client developed by members of the Horde project. Encoded HTML tags are not stripped from requests to access 'status.php3'. It is possible for a remote attacker to...
Magic Winmail Server 4.0 (Build 1112) download.php Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/12388/info Magic Winmail Server is reportedly affected by multiple vulnerabilities. There are two distinct directory traversal vulnerabilities in the Webmail interface allowing both arbitrary file downloads and uploads...
Infinite Interchange 3.61 Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2140/info Infinite Interchange is a multi function email server which supports most common internet protocols. An example of various functions include an http server and webmail interface. Unfortunately Interchange is...
Usermin vulnerable to cross-site scripting
Overview Usermin is a web-based interface used to manage webmail. Usermin contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
AOL Breached, Investigating Spam from Spoofed Accounts
AOL reported today that it has been breached and urges users of its web-based email and other online services to change their passwords. AOL’s investigation of a breach of its internal network and systems is under way with the help of federal authorities and a forensics firm, the company said. La...
Cross site scripting
Cross-site scripting XSS vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-0030
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this...
CVE-2009-0030
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this...
PT-2009-2743 · Squirrelmail +1 · Squirrelmail +1
Name of the Vulnerable Software and Affected Versions: SquirrelMail version 1.4.8 Description: The issue allows remote authenticated users to access other users' folder lists and configuration data under certain circumstances by using the standard webmail.php interface. This occurs because a Red...
CMailServer 5.4.6 (CMailCOM.dll) Remote SEH Overwrite Exploit
Exploit for unknown platform in category remote exploits ============================================================= CMailServer 5.4.6 CMailCOM.dll Remote SEH Overwrite Exploit ============================================================= 0 strUID = arrStringi...
SurgeMail Page命令远程格式串处理漏洞
BUGTRAQ ID: 27990 SurgeMail是下一代的邮件服务器,可运行在Windows NT/2K或UNIX平台上,支持所有的标准IMAP、POP3、SMTP、SSL和ESMTP协议。 SurgeMail中用于处理webmail接口(webmail.exe)的CGI存在安全漏洞,远程攻击者可能利用此漏洞控制服务器。 CGI中用于在请求错误页面时构建错误消息的函数未经验证格式参数便直接将其传送给了lvprintf: "TPL: Failed to Locate Template c:\surgemail\webmail\panel%s%s%s%s%s%s.tpl2=No suc...
CVE-2007-5046
Cross-site scripting XSS vulnerability in the Webmail interface for IceWarp Merak Mail Server before 9.0.0 allows remote attackers to inject arbitrary JavaScript via a javascript: URI in an attribute of an element in an email message body, as demonstrated by the onload attribute in a BODY element...
Cross site scripting
Cross-site scripting XSS vulnerability in the Webmail interface for IceWarp Merak Mail Server before 9.0.0 allows remote attackers to inject arbitrary JavaScript via a javascript: URI in an attribute of an element in an email message body, as demonstrated by the onload attribute in a BODY element...