Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hastymail hastymail vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2006-5313
Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a us...
Hastymail Hastymail 1.0.2
Hastymail Hastymail 1.1
Hastymail Hastymail 1.2
Hastymail Hastymail
Hastymail Hastymail 1.0.1
655
VMScore
CVE-2006-5262
CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and previous versions prior to 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if the IMAP server confi...
Hastymail Hastymail
Hastymail Hastymail 1.0.1
Hastymail Hastymail 1.0.2
Hastymail Hastymail 1.1
Hastymail Hastymail 1.2
1 EDB exploit
435
VMScore
CVE-2011-4541
Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote malicious users to inject arbitrary web script or HTML via the rs parameter in a mailbox Drafts action.
Hastymail Hastymail2 2.0.2
Hastymail Hastymail2 2.0.1
Hastymail Hastymail2 2.0
Hastymail Hastymail2 1.1
Hastymail Hastymail2
Hastymail Hastymail2 2.0.5
Hastymail Hastymail2 1.0
Hastymail Hastymail2 1.01
Hastymail Hastymail2 2.0.4
Hastymail Hastymail2 2.0.3
1 EDB exploit
755
VMScore
CVE-2011-4542
Hastymail2 2.1.1 before RC2 allows remote malicious users to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI.
Hastymail Hastymail2 2.0
Hastymail Hastymail2
Hastymail Hastymail2 2.0.2
Hastymail Hastymail2 2.0.1
Hastymail Hastymail2 1.1
Hastymail Hastymail2 2.0.5
Hastymail Hastymail2 2.0.4
Hastymail Hastymail2 2.0.3
Hastymail Hastymail2 1.01
Hastymail Hastymail2 1.0
1 EDB exploit
383
VMScore
CVE-2004-2704
Hastymail 1.0.1 and previous versions (stable) and 1.1 and previous versions (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim c...
Hastymail Hastymail
Microsoft Internet Explorer
383
VMScore
CVE-2010-4646
Cross-site scripting (XSS) vulnerability in Hastymail2 prior to 1.01 allows remote malicious users to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter.
Hastymail Hastymail2
445
VMScore
CVE-2009-5051
Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Hastymail Hastymail2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started