Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS

ID SSV:78111
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities.
The vulnerabilities reported are:
- Multiple cross-site scripting vulnerabilities
- An HTML injection vulnerability
- A PHP source code disclosure vulnerability
- An SQL injection vulnerability
These vulnerabilities are reported to exist in versions prior to 7.5.2.