Lucene search
K
Inter7Sqwebmail

6 matches found

CVE
CVE
added 2005/09/02 4:0 a.m.91 views

CVE-2005-2769

CVE-2005-2769 is a cross-site scripting (XSS) flaw in SqWebMail 5.0.4 and possibly other versions. The vulnerability arises when processing HTML emails that contain tags with characters like “>” that are not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML. ...

4.3CVSS5.7AI score0.0273EPSS
CVE
CVE
added 2004/06/24 4:0 a.m.71 views

CVE-2004-0591

CVE-2004-0591 describes a cross-site scripting (XSS) vulnerability in SqWebMail’s print_header_uc function affecting SqWebMail 4.0.4 and earlier (possibly 3.x). An attacker can inject arbitrary script via (1) email headers or (2) a message with a “message/delivery-status” MIME type, executing in ...

6.8CVSS5.7AI score0.04973EPSS
CVE
CVE
added 2005/04/27 4:0 a.m.59 views

CVE-2005-1308

CVE-2005-1308 affects SqWebMail. The vulnerability arises from CRLF sequence handling in the redirect parameter, enabling remote injection of arbitrary HTML/script and likely XSS. Impact described across sources includes attacker-controlled script execution in users’ browsers and potential sessio...

7.5CVSS6.5AI score0.02284EPSS
CVE
CVE
added 2005/08/29 4:0 a.m.55 views

CVE-2005-2724

CVE-2005-2724 is a cross-site scripting (XSS) vulnerability in SqWebmail: the vulnerability arises from missing input sanitising in the handling of file attachments, allowing an attacker to inject arbitrary script/HTML via the Display feature. The initial description notes SqWebMail 5.0.4 as affe...

4.3CVSS5.4AI score0.01754EPSS
CVE
CVE
added 2005/09/07 4:0 a.m.54 views

CVE-2005-2820

CVE-2005-2820 is an XSS vulnerability in SqWebMail courier (Conditional Comments in Internet Explorer). The root cause is missing input sanitising in the courier/sqwebmail handling of HTML in emails, allowing remote attackers to inject script via crafted messages. Affected: SqWebMail courier depl...

4.3CVSS5.4AI score0.02172EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.50 views

CVE-2004-2313

Inter7 SqWebMail 3.4.1–3.6.1 exposes a password-guessing vulnerability: authentication responses differ for incorrect vs. correct passwords on non-mail-enabled accounts (e.g., root), enabling remote attackers to brute-force the root password. The issue is tied to the login error handling and disc...

5CVSS7AI score0.01411EPSS