19 matches found
CVE-2005-1650
The web mail service in Woppoware PostMaster 4.2.2 build 3.2.5 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...
CVE-2005-1652
message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to bypass authentication by modifying the email parameter...
CVE-2005-1653
Cross-site scripting XSS vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the email parameter...
EUVD-2005-1653
Malware in sbrugna...
EUVD-2005-1655
Malware in sbrugna...
EUVD-2005-1654
Malware in sbrugna...
CVE-2005-1651
Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to determine the existence of arbitrary files via a .. dot dot in the wmm parameter...
CVE-2005-1651
The CVE-2005-1651 entry concerns Woppoware PostMaster 4.2.2 (build 3.2.5). The vulnerability is a directory traversal in the message.htm page, exploitable via .. in the wmm parameter, allowing an attacker to determine the existence of arbitrary files on the remote host. This is framed as a partia...
CVE-2005-1653
Cross-site scripting XSS vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the email parameter...
CVE-2005-1652
message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to bypass authentication by modifying the email parameter...
CVE-2005-1650
The web mail service in Woppoware PostMaster 4.2.2 build 3.2.5 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...
CVE-2005-1651
Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to determine the existence of arbitrary files via a .. dot dot in the wmm parameter...
CVE-2005-1652
CVE-2005-1652 affects Woppoware PostMaster 4.2.2 (build 3.2.5). Affected component: message.htm. Root cause: remote authentication bypass via modification of the email parameter, enabling attackers to bypass login and act as the targeted user (e.g., read messages, compose messages). Public refere...
CVE-2005-1653
Cross-site scripting XSS vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the email parameter...
CVE-2005-1650
The CVE-2005-1650 entry applies to Woppoware PostMaster 4.2.2, where the web mail service returns different error messages based on whether a user exists. This behavior allows remote attackers to enumerate valid usernames, constituting an information disclosure issue. The Red Hat and CVE records ...
CVE-2005-1652
message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to bypass authentication by modifying the email parameter...
CVE-2005-1653
Woppoware PostMaster 4.2.2 (build 3.2.5) is affected by a Cross-site Scripting (XSS) vulnerability in the message.htm page due to unsanitized input in the email parameter. This allows remote attackers to inject arbitrary web script or HTML. Root cause: improper input sanitization in the email par...
PT-2005-2627 · Woppoware · Woppoware Postmaster
Name of the Vulnerable Software and Affected Versions: Woppoware PostMaster version 4.2.2 Description: The web mail service in the affected software generates different error messages depending on whether a user exists or not. This allows remote attackers to determine valid usernames...
Woppoware Postmaster < 4.2.3 Multiple Vulnerabilities
Binary data 2896.prm...