Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hastymail hastymail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5262
CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if the IMAP server confi...
Hastymail Hastymail
Hastymail Hastymail 1.0.1
Hastymail Hastymail 1.0.2
Hastymail Hastymail 1.1
Hastymail Hastymail 1.2
1 EDB exploit
NA
CVE-2006-5313
Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a us...
Hastymail Hastymail 1.0.2
Hastymail Hastymail 1.1
Hastymail Hastymail 1.2
Hastymail Hastymail
Hastymail Hastymail 1.0.1
NA
CVE-2011-4541
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote malicious users to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
Hastymail Hastymail2 2.0.2
Hastymail Hastymail2 2.0.1
Hastymail Hastymail2 2.0
Hastymail Hastymail2 1.1
Hastymail Hastymail2
Hastymail Hastymail2 2.0.5
Hastymail Hastymail2 1.0
Hastymail Hastymail2 1.01
Hastymail Hastymail2 2.0.4
Hastymail Hastymail2 2.0.3
1 EDB exploit
NA
CVE-2011-4542
Hastymail2 2.1.1 before RC2 allows remote malicious users to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI.
Hastymail Hastymail2 2.0
Hastymail Hastymail2
Hastymail Hastymail2 2.0.2
Hastymail Hastymail2 2.0.1
Hastymail Hastymail2 1.1
Hastymail Hastymail2 2.0.5
Hastymail Hastymail2 2.0.4
Hastymail Hastymail2 2.0.3
Hastymail Hastymail2 1.01
Hastymail Hastymail2 1.0
1 EDB exploit
NA
CVE-2004-2704
Hastymail 1.0.1 and previous versions (stable) and 1.1 and previous versions (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim c...
Hastymail Hastymail
Microsoft Internet Explorer
NA
CVE-2009-5051
Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Hastymail Hastymail2
NA
CVE-2010-4646
Cross-site scripting (XSS) vulnerability in Hastymail2 prior to 1.01 allows remote malicious users to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter.
Hastymail Hastymail2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started