Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

hastymail hastymail vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-5262
CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if the IMAP server confi...
Hastymail HastymailHastymail Hastymail 1.0.1Hastymail Hastymail 1.0.2Hastymail Hastymail 1.1Hastymail Hastymail 1.2
NA
CVE-2006-5313
Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a us...
Hastymail Hastymail 1.0.2Hastymail Hastymail 1.1Hastymail Hastymail 1.2Hastymail HastymailHastymail Hastymail 1.0.1
NA
CVE-2011-4541
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote malicious users to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
Hastymail Hastymail2 2.0.2Hastymail Hastymail2 2.0.1Hastymail Hastymail2 2.0Hastymail Hastymail2 1.1Hastymail Hastymail2Hastymail Hastymail2 2.0.5Hastymail Hastymail2 1.0Hastymail Hastymail2 1.01Hastymail Hastymail2 2.0.4Hastymail Hastymail2 2.0.3
NA
CVE-2011-4542
Hastymail2 2.1.1 before RC2 allows remote malicious users to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI.
Hastymail Hastymail2 2.0Hastymail Hastymail2Hastymail Hastymail2 2.0.2Hastymail Hastymail2 2.0.1Hastymail Hastymail2 1.1Hastymail Hastymail2 2.0.5Hastymail Hastymail2 2.0.4Hastymail Hastymail2 2.0.3Hastymail Hastymail2 1.01Hastymail Hastymail2 1.0
NA
CVE-2004-2704
Hastymail 1.0.1 and previous versions (stable) and 1.1 and previous versions (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim c...
Hastymail HastymailMicrosoft Internet Explorer
NA
CVE-2009-5051
Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Hastymail Hastymail2
NA
CVE-2010-4646
Cross-site scripting (XSS) vulnerability in Hastymail2 prior to 1.01 allows remote malicious users to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter.
Hastymail Hastymail2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook