Mailenable Professional@1.73 Security Vulnerabilities and Issues — Mailenable Professional@1.73 CVE List

Lucene search

MailenableMailenable Professional1.73

3 matches found

CVE•added 2007/02/15 11:28 p.m.•44 views

CVE-2007-0652

Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.

5.1CVSS6.9AI score0.02105EPSS

CVE•added 2007/01/29 4:28 p.m.•39 views

CVE-2006-6964

MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.

4CVSS5.8AI score0.00108EPSS

CVE•added 2007/02/15 11:28 p.m.•35 views

CVE-2007-0651

Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lan...

4.3CVSS5.9AI score0.02758EPSS