Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open webmail open webmail vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
10
CVSSv2
CVE-2004-2284
The read_list_from_file function in vacation.pl for OpenWebmail prior to 2.32 20040629 allows remote malicious users to execute arbitrary commands via shell metacharacters in a filename argument.
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
7.5
CVSSv2
CVE-2012-1916
@Mail WebMail Client in AtMail Open-Source prior to 1.05 allows remote malicious users to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/.
Atmail Atmail Open
7.5
CVSSv2
CVE-2005-1435
Open WebMail (OWM) prior to 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
Open Webmail Open Webmail
7.2
CVSSv2
CVE-2002-1385
openwebmail_init in Open WebMail 1.81 and previous versions allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that spec...
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 1.8
6.8
CVSSv2
CVE-2006-2190
Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMail (OWM) 2.51 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the sessionid parameter in (1) openwebmail-send.pl, (2) openwebmail-advsearch.pl, (3) openwebmail-fold...
Open Webmail Open Webmail 2.01
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 2.50
Open Webmail Open Webmail
Open Webmail Open Webmail 2.41
Open Webmail Open Webmail 2.00
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.10
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 2.40
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.32
6.8
CVSSv2
CVE-2004-0520
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail prior to 1.4.3 allows remote malicious users to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Open Webmail Open Webmail 2.30
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
1 EDB exploit
6.8
CVSSv2
CVE-2004-0639
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and previous versions allow remote malicious users to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly ...
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3 Rc1
Open Webmail Open Webmail 2.30
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
1 EDB exploit
6.4
CVSSv2
CVE-2012-1919
CRLF injection vulnerability in mime.php in @Mail WebMail Client in AtMail Open-Source prior to 1.05 allows remote malicious users to conduct directory traversal attacks and read arbitrary files via a %0A sequence followed by a .. (dot dot) in the file parameter.
Atmail Atmail Open
6
CVSSv2
CVE-2020-12846
Zimbra prior to 8.8.15 Patch 10 and 9.x prior to 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox ...
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
Synacor Zimbra Collaboration Suite 9.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »