North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

The North Korean advanced persistent threat APT group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of...

SquirrelMail code issue vulnerability (CNVD-2021-29843)

SquirrelMail is a set of PHP language development , cross-platform Webmail mail system . A code issue vulnerability exists in the compose.php file in SquirrelMail version 1.4.22. The vulnerability stems from an improper design or implementation during code development for a web system or product...

JVN#00344155: Multiple vulnerabilities in Denbun

Denbun provided by NEOJAPAN Inc. is a WebMail System. Denbun contains multiple vulnerabilities listed below. Hard-coded credentials for user account CWE-798 - CVE-2018-0680 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2|...

IMHO Webmail 0.9x Account Hijacking Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5238/info A vulnerability has been reported in the IMHO Roxen webmail module which may enable a malicious user of the webmail system to gain access to the account of another user. This issue is due to an error in...

Captaris Infinite WebMail 3.61.5 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6411/info An HTML injection vulnerability has been discovered in Captaris Infinite WebMail. Due to insufficient sanitization of HTML content, it is possible for an attacker to embed malicious script code into HTML email...

KMMail 1.0 E-Mail HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6013/info kmMail does not sufficiently sanitize HTML and script code from the body of e-mail messages. As a result, an attacker may send a malicious message to a user of kmMail that includes arbitrary HTML and script code...

Debian Security Advisory DSA 988-1 (squirrelmail)

The remote host is missing an update to squirrelmail announced via advisory DSA 988-1. Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-0188 Martijn Brinkers a...

Debian: Security Advisory (DSA-662-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-2718

Cross-site scripting XSS vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags...

CVE-2007-2718

Cross-site scripting XSS vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags...

Unfixed XSS vulnerability at politpiar.ru

Security researcher www.nullcode.com.ar, has submitted on 03/10/2007 a cross-site-scripting XSS vulnerability affecting politpiar.ru, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/10/2007. It is...

Debian DSA-988-1 : squirrelmail - several vulnerabilities

Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-0188 Martijn Brinkers and Ben Maurer found a flaw in webmail.php that allows remote attackers to inject...

[SECURITY] [DSA 988-1] New squirrelmail packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 988-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 8th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 756-1] New squirrelmail packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 756-1 [email protected] http://www.debian.org/security/ Martin Schulze July 13th, 2005 http://www.debian.org/security/faq -...

SquirrelMail < 1.4.5 Multiple Vulnerabilities

Binary data 3016.prm...

[SECURITY] [DSA 662-2] New squirrelmail package fixes regression

-------------------------------------------------------------------------- Debian Security Advisory DSA 662-2 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2005 http://www.debian.org/security/faq -...

TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6

TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6 contributed by: rushjo ========================================================================= Tripbit Security Advisory TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6...

basilix bug

+--------------------------------------+ | Basilix Webmail System Vulnerability | +--------------------------------------+ Release Date : 13:49, 6 July 2001 Version Affected : Basilix Webmail System 1.0.2beta Basilix Webmail System 1.0.3beta Description : basilix lunches a file which name is read...

Basilix Webmail System *.class *.inc Permission Vulnerability

--------------------------------------------------- tamersahin.net Security Solutions Announcement --------------------------------------------------- Basilix Webmail System .class .inc Permission Vulnerability Release Date: January 12, 2001 Version Affected: Basilix Webmail System 0.9.7beta...