Lucene search
K

60 matches found

NVD
NVD
added 2012/03/27 7:55 p.m.18 views

CVE-2012-1917

compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ dot dot slash sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ dot dot dot slash dot slash sequence...

5CVSS6.7AI score0.02267EPSS
Exploits0References4
Prion
Prion
added 2012/03/27 7:55 p.m.13 views

Information disclosure

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

5CVSS6.9AI score0.0271EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2012/03/27 7:55 p.m.15 views

Code injection

@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/...

7.5CVSS8.3AI score0.03423EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2012/03/27 7:55 p.m.16 views

Directory traversal

compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ dot dot slash sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ dot dot dot slash dot slash sequence...

5CVSS7.2AI score0.02267EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/03/27 7:0 p.m.25 views

CVE-2012-1916

@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/...

7.7AI score0.03423EPSS
Exploits0References4
CVE
CVE
added 2012/03/27 7:0 p.m.38 views

CVE-2012-1917

CVE-2012-1917 affects AtMail Open-Source (compose.php in the @Mail WebMail Client) prior to version 1.05. The root cause is improper handling of ../ sequences in the unique parameter, allowing remote attackers to perform directory traversal and read arbitrary files via a ..././ sequence. Document...

5CVSS6.9AI score0.02267EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/03/27 7:0 p.m.40 views

CVE-2012-1916

CVE-2012-1916 affects the @Mail WebMail Client in AtMail Open-Source prior to version 1.05. The issue allows remote attackers to execute arbitrary code by delivering an email with an attachment that has an executable extension, resulting in creation of an executable file under tmp/. This is descr...

7.5CVSS8AI score0.03423EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/03/27 7:0 p.m.36 views

CVE-2012-1919

CVE-2012-1919 affects AtMail Open-Source’s @Mail WebMail Client (mime.php) prior to version 1.05. The vulnerability is a CRLF injection that allows a remote attacker to perform directory traversal and read arbitrary files by injecting a %0A sequence followed by .. in the file parameter, enabling ...

6.4CVSS7.2AI score0.02067EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/03/27 7:0 p.m.40 views

CVE-2012-1920

The CVE-2012-1920 issue affects the @Mail WebMail Client in AtMail Open-Source 1.04 and earlier. A remote attacker can obtain configuration information by issuing a direct request to install/info.php, which calls phpinfo. This is an information-disclosure vulnerability in the WebMail component. T...

5CVSS6.5AI score0.0271EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/03/27 7:0 p.m.43 views

CVE-2012-1918

CVE-2012-1918 affects AtMail Open-Source WebMail Client (before 1.05). Vulnerable components are compose.php and libs/Atmail/SendMsg.php, with a directory traversal flaw that allows remote attackers to read arbitrary files via a .. in the Attachment[] parameter. Impact described as reading arbitr...

5CVSS7AI score0.0364EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/03/27 7:0 p.m.23 views

CVE-2012-1917

compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ dot dot slash sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ dot dot dot slash dot slash sequence...

6.7AI score0.02267EPSS
Exploits0References4
Cvelist
Cvelist
added 2012/03/27 7:0 p.m.19 views

CVE-2012-1920

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

6.3AI score0.0271EPSS
Exploits0References4
CERT
CERT
added 2012/03/22 12:0 a.m.23 views

@Mail Open webmail client contains multiple vulnerabilities

Overview The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type CWE-434, relative path traversal CWE-23, external control of file name or path CWE-73, and information exposure CWE-200. Description The @Mail Open 1.04 webmail...

7.5AI score
Exploits0References6
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.28 views

Fedora Update for roundcubemail FEDORA-2008-5333

Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2008-5333 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.3CVSS0.05439EPSS
Exploits1References2
seebug.org
seebug.org
added 2009/02/10 12:0 a.m.15 views

Yet Another NOCC <= 0.1.0 Local File Inclusion Vulnerability

No description provided by source. Yet Another NOCC 0.1.0 = Local File Inclusion Vulnerabilities YANOCC is a simple and fast webmail client which can handle POP3, SMTP, and IMAP servers. YANOCC is based on NOCC's code and is written with PHP4. It features multi-language support, MIME attachments,...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/02/09 12:0 a.m.24 views

Yet Another NOCC 0.1.0 - Local File Inclusion

Yet Another NOCC 0.1.0 - Local File Inclusion Yet Another NOCC 0.1.0 = Local File Inclusion Vulnerabilities YANOCC is a simple and fast webmail client which can handle POP3, SMTP, and IMAP servers. YANOCC is based on NOCC's code and is written with PHP4. It features multi-language support, MIME...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/09 12:0 a.m.35 views

Yet Another NOCC 0.1.0 - Local File Inclusion

Yet Another NOCC 0.1.0 = Local File Inclusion Vulnerabilities YANOCC is a simple and fast webmail client which can handle POP3, SMTP, and IMAP servers. YANOCC is based on NOCC's code and is written with PHP4. It features multi-language support, MIME attachments, displays HTML messages, address...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/02/09 12:0 a.m.15 views

Yet Another NOCC <= 0.1.0 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ Yet Another NOCC = 0.1.0 Local File Inclusion Vulnerability ============================================================ Yet Another NOCC 0.1.0 = Local File Inclusion...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/02/09 12:0 a.m.18 views

Yet Another NOCC 0.1.0 Local File Inclusion

Yet Another NOCC 0.1.0 = Local File Inclusion Vulnerabilities YANOCC is a simple and fast webmail client which can handle POP3, SMTP, and IMAP servers. YANOCC is based on NOCC's code and is written with PHP4. It features multi-language support, MIME attachments, displays HTML messages, address...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.14 views

MDaemon WorldClient < 10.0.2 Script Injection

Binary data 4765.prm...

5CVSS7.3AI score0.01182EPSS
Exploits0References2
Rows per page
Query Builder