Lucene search
K
AtmailAtmail Webmail

5 matches found

CVE
CVE
added 2007/05/22 9:0 p.m.56 views

CVE-2007-2825

CVE-2007-2825 affects ReadMsg.php in @Mail 5.02 and earlier, where multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, specifically using (1) links and (2) images. The vulnerability is documented across multipl...

4.3CVSS5.8AI score0.01205EPSS
CVE
CVE
added 2007/02/15 2:0 a.m.55 views

CVE-2007-0953

CVE-2007-0953 is an XSS vulnerability in the @Mail product (search.pl) up to version 4.61. The issue occurs when processing the keywords parameter in the search function, allowing remote attackers to inject arbitrary web script or HTML. Exploitation details are not provided in the connected docum...

4.3CVSS5.7AI score0.01263EPSS
CVE
CVE
added 2006/12/23 1:0 a.m.47 views

CVE-2006-6702

The connected Nessus entry for Atmail Webmail identifies CVE-2006-6702 as a cross-site scripting (XSS) flaw in Global.pm affecting Atmail Webmail 4.x prior to 4.6.1 (4.61). The vulnerability arises from an input‑validation error in Global.pm that could allow arbitrary web script or HTML to be inj...

6.8CVSS5.6AI score0.01143EPSS
CVE
CVE
added 2007/04/19 10:0 a.m.45 views

CVE-2007-2153

CVE-2007-2153 is a cross-site scripting (XSS) vulnerability in the atmail.php component of @Mail 5.0. The issue allows remote attackers to inject arbitrary web script or HTML via the username parameter. The CVSS v2 base score is 6.8 (Medium) with network attack vector, no authentication, and part...

6.8CVSS5.7AI score0.01183EPSS
CVE
CVE
added 2006/12/23 1:0 a.m.44 views

CVE-2006-6701

CVE-2006-6701 affects Atmail WebMail: CSRF in util.pl (4.51) and util.php (5.x before 5.03) enables remote manipulation of settings as another user via a crafted HTML email (SRC in IMG). Mitigation: upgrade to 5.0.3 (or later) or apply vendor patches as described in connected advisories.

7.5CVSS6.8AI score0.00956EPSS