Lucene search
K

4233 matches found

Exploit DB
Exploit DB
added 2002/07/15 12:0 a.m.31 views

IMHO Webmail 0.9x - Account Hijacking

source: https://www.securityfocus.com/bid/5238/info A vulnerability has been reported in the IMHO Roxen webmail module which may enable a malicious user of the webmail system to gain access to the account of another user. This issue is due to an error in configuration which may leak the REFERER f...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/04 12:0 a.m.78 views

Argosoft Mail Server Plus/Pro Webmail Reverse Directory Traversal

Team N.finity Security Advisory 03/07/2002 Argosoft Mail Server Plus/Pro Webmail Reverse Directory Traversal Summary =================== Argosoft Mail Server Pro contains a built-in HTTP server for webmail access. Without logging in, an attacker can do a reverse directory traversal to retrieve an...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2002/07/04 12:0 a.m.44 views

argospill.sh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team N.finity Security Advisory 03/07/2002 Argosoft Mail Server Plus/Pro Webmail Reverse Directory Traversal Summary =================== Argosoft Mail Server Pro contains a built-in HTTP server for webmail access. Without logging in, an attacker can d...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/04 12:0 a.m.32 views

Directory traversal in Argosoft Mail Server Plus/Pro

Webmail companent directory traversal...

3.4AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.27 views

CVE-2000-1166

Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP PHP3 code by specifying an alternate vhosts as an argument to the index.php3 program...

7AI score0.0163EPSS
Exploits0References4
CVE
CVE
added 2002/06/25 4:0 a.m.54 views

CVE-2000-1166

CVE-2000-1166 affects the Twig webmail system. The issue arises when the vhosts variable isn’t set on the site, allowing a remote attacker to inject arbitrary PHP (PHP3) code by supplying an alternate vhosts value to index.php3. Root cause: improper handling of the vhosts variable during initiali...

7.5CVSS7.4AI score0.0163EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2002/06/20 12:0 a.m.22 views

BasiliX multiple vulnerabilities

BasiliX multiple vulnerabilities PROGRAM: BasiliX VENDOR: Murat Arslan [email protected] et al. HOMEPAGE: http://basilix.org/ VULNERABLE VERSIONS: 1.1.0 and all previous versions LOGIN REQUIRED: yes some issues, no some issues SEVERITY: high DESCRIPTION: "BasiliX is a webmail application based ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/06/19 12:0 a.m.22 views

BasiliX Webmail 1.1 - Message Content Script Injection

BasiliX Webmail 1.1 - Message Content Script Injection source: https://www.securityfocus.com/bid/5060/info BasiliX is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. A script injection issue has been reported in BasiliX...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/19 12:0 a.m.45 views

BasiliX Webmail 1.1 - Message Content Script Injection

source: https://www.securityfocus.com/bid/5060/info BasiliX is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. A script injection issue has been reported in BasiliX Webmail. Script commands are not filtered from the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/05/14 12:0 a.m.16 views

NOCC 0.9.x - Webmail Script Injection

NOCC 0.9.x - Webmail Script Injection source: https://www.securityfocus.com/bid/4740/info NOCC is a web based email client implemented in PHP4. It includes support for POP3, SMTP and IMAP servers, MIME attachments and multiple languages. A script injection issue has been reported with the way...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2002/05/14 12:0 a.m.30 views

NOCC: cross-site-scripting bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting bug in NOCC: Details - ------- Product: NOCC Affected Version: 0.9.5 and maybe all versions before Immune Version: none, authors are working on it OS affected: all OS with php and mysql Vendor-URL:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/14 12:0 a.m.24 views

NOCC 0.9.x - Webmail Script Injection

source: https://www.securityfocus.com/bid/4740/info NOCC is a web based email client implemented in PHP4. It includes support for POP3, SMTP and IMAP servers, MIME attachments and multiple languages. A script injection issue has been reported with the way emails are displayed to users of NOCC...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.19 views

CVE-2001-1294

Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service crash in the Webmail interface via a long username and password...

6.8AI score0.02639EPSS
Exploits0References3
CVE
CVE
added 2002/05/03 4:0 a.m.51 views

CVE-2001-1283

CVE-2001-1283 affects Ipswitch IMail webmail interface (versions 7.04 and earlier). Affected component is the webmail CGI handlers (readmail.cgi and printmail.cgi); remote authenticated users can crash the service via mailbox names containing many dots or other characters, likely due to a buffer ...

7.5CVSS7.3AI score0.04135EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/05/03 4:0 a.m.43 views

CVE-2001-1294

CVE-2001-1294 describes a buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier, allowing remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password. The connected records confirm the affected software and the impact (availability). Root ca...

5CVSS7.2AI score0.02639EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.20 views

CVE-2001-1283

The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service crash via a mailbox name that contains a large number of . dot or other characters to programs such as 1 readmail.cgi or 2 printmail.cgi, possibly due to a buffer overflow that...

7.3AI score0.04135EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/04/04 12:0 a.m.38 views

emumail.cgi

name : emumail.cgi date : 04/04/2002 description : EMU Webmail: how to check your email from the web. severity : Low/average-risk homepage : www.emumail.com Any user can view files on the remote system: xxx/PATH/emumail.cgi?type=FILE00 The vendor were contact about that...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/03/28 12:0 a.m.51 views

SquirrelMail 1.2.x - Theme Remote Command Execution

source: https://www.securityfocus.com/bid/4385/info SquirrelMail is a feature rich webmail program implemented in the PHP4 language. It is available for Linux and Unix based operating systems. SquirrelMail allows for extended functionality through a plugin system. A vulnerability has been reporte...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/03/28 12:0 a.m.18 views

SquirrelMail 1.2.x - Theme Remote Command Execution

SquirrelMail 1.2.x - Theme Remote Command Execution source: https://www.securityfocus.com/bid/4385/info SquirrelMail is a feature rich webmail program implemented in the PHP4 language. It is available for Linux and Unix based operating systems. SquirrelMail allows for extended functionality throu...

0.3AI score
Exploits0
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.21 views

CVE-2001-0857

Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter...

6.6AI score0.0349EPSS
Exploits0References7
Rows per page
Query Builder