Lucene search
+L
WoppowarePostmaster

4 matches found

CVE
CVE
added 2005/05/18 4:0 a.m.55 views

CVE-2005-1650

The CVE-2005-1650 entry applies to Woppoware PostMaster 4.2.2, where the web mail service returns different error messages based on whether a user exists. This behavior allows remote attackers to enumerate valid usernames, constituting an information disclosure issue. The Red Hat and CVE records ...

5CVSS6.7AI score0.01662EPSS
CVE
CVE
added 2005/05/18 4:0 a.m.49 views

CVE-2005-1652

CVE-2005-1652 affects Woppoware PostMaster 4.2.2 (build 3.2.5). Affected component: message.htm. Root cause: remote authentication bypass via modification of the email parameter, enabling attackers to bypass login and act as the targeted user (e.g., read messages, compose messages). Public refere...

7.5CVSS7AI score0.01481EPSS
CVE
CVE
added 2005/05/18 4:0 a.m.46 views

CVE-2005-1651

The CVE-2005-1651 entry concerns Woppoware PostMaster 4.2.2 (build 3.2.5). The vulnerability is a directory traversal in the message.htm page, exploitable via .. in the wmm parameter, allowing an attacker to determine the existence of arbitrary files on the remote host. This is framed as a partia...

7.5CVSS6.8AI score0.01479EPSS
CVE
CVE
added 2005/05/18 4:0 a.m.43 views

CVE-2005-1653

Woppoware PostMaster 4.2.2 (build 3.2.5) is affected by a Cross-site Scripting (XSS) vulnerability in the message.htm page due to unsanitized input in the email parameter. This allows remote attackers to inject arbitrary web script or HTML. Root cause: improper input sanitization in the email par...

6.8CVSS5.8AI score0.01148EPSS