CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2018-20924

Malware in sbrugna...

5.4CVSS5.5AI score0.00206EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-6874

Malware in sbrugna...

6.1CVSS5.5AI score0.00196EPSS

Exploits3References3

NVD•added 2018/04/07 5:29 p.m.•11 views

CVE-2018-9330

register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942...

5.4CVSS5.7AI score0.00206EPSS

Exploits1References1

Prion•added 2018/04/07 5:29 p.m.•10 views

Cross site scripting

register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942...

3.5CVSS5.5AI score0.00206EPSS

Exploits4References1Affected Software1

OSV•added 2018/04/07 5:29 p.m.•1 views

CVE-2018-9330

register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References1

CVE•added 2018/04/07 5:0 p.m.•51 views

CVE-2018-9330

The provided sources confirm a stored XSS vulnerability in Coremail XT3.0 (register.jsp), specifically via the third form field in a URI under register/. The OpenVAS entry refers to Coremail XT <= 3.0 Stored XSS Vulnerability, implying impact on older XT3.0 deployments. The NVD/NVD-derived ent...

5.4CVSS5.5AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/04/07 5:0 p.m.•10 views

CVE-2018-9330

register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942...

5.5AI score0.00206EPSS

Exploits1References1

NVD•added 2017/08/29 3:29 p.m.•9 views

CVE-2015-6942

Cross-site scripting XSS vulnerability in Coremail XT3.0 allows remote attackers to inject arbitrary web script or HTML via a hyperlink in a document attachment...

6.1CVSS5.4AI score0.00196EPSS

Exploits3References1

CVE•added 2017/08/29 3:0 p.m.•45 views

CVE-2015-6942

CVE-2015-6942 is an XSS vulnerability in Coremail XT3.0, where a hyperlink embedded in a document attachment can execute arbitrary script when the recipient previews the attachment. Public details indicate a stored XSS scenario via a hyperlink in the attachment, aligning with the Coremail XT3.0 c...

6.1CVSS5.4AI score0.00196EPSS

Exploits3References1Affected Software1

Cvelist•added 2017/08/29 3:0 p.m.•14 views

CVE-2015-6942

Cross-site scripting XSS vulnerability in Coremail XT3.0 allows remote attackers to inject arbitrary web script or HTML via a hyperlink in a document attachment...

5.5AI score0.00196EPSS

Exploits3References1

seebug.org•added 2016/04/23 12:0 a.m.•180 views

盈世Coremail XT3.0 附件处存储型XSS

No description provided by source...

7.1AI score

Exploits0

seebug.org•added 2016/03/19 12:0 a.m.•38 views

盈世Coremail XT3.0版发件人地址处存储型XSS

No description provided by source...

7.1AI score

Exploits0

Packet Storm•added 2015/11/29 12:0 a.m.•120 views

CoreMail XT3.0 Cross Site Scripting

Application: CoreMail Versions Affected: XT3.0 Vendor URL: http://www.coremail.cn/ Bugs: Stored XSS Author:shack.liDBAPPSecurity Ltd Description: Coremail mail system was born in 1999, is widely used in network operators, large enterprises, government institutions, colleges and universities and...

5.8AI score0.00196EPSS

Exploits3

seebug.org•added 2015/09/16 12:0 a.m.•51 views

Coremail一处存储型跨站脚本（有触发条件）

简要描述： Coremail一处存储型跨站脚本漏洞，已申请CVE编号：CVE-2015-6942 详细说明：影响版本：XT3.0 其他版本未测试测试步骤： 1.首先创建一个带有超链接的doc文档，超链接为"javascript:alert" 2.创建一封邮件并上传附件，然后发送给需要攻击的用户可发送给任意用户。 3.受害者如果在WebMail里打开邮件并在线预览doc文档时，点击超链接，即可执行攻击代码。 4.重新将文档中的超链接换成location.href方式获取Cookie的超连接的即可...

4.3CVSS5.9AI score0.00196EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by