Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open webmail open webmail 1.7 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2002-1385
openwebmail_init in Open WebMail 1.81 and previous versions allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that spec...
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 1.8
5
CVSSv2
CVE-2002-2410
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote malicious users to identify valid usernames via brute force attacks and obtain certain configuration and...
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
5
CVSSv2
CVE-2004-2458
Open WebMail 2.30 and previous versions, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote malicious users to create arbitrary directories.
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.81
10
CVSSv2
CVE-2004-2284
The read_list_from_file function in vacation.pl for OpenWebmail prior to 2.32 20040629 allows remote malicious users to execute arbitrary commands via shell metacharacters in a filename argument.
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
4.3
CVSSv2
CVE-2006-3229
Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released prior to 05/12/2006, allows remote malicious users to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified...
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 2.41
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 2.51
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.5
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.32
Open Webmail Open Webmail
4.3
CVSSv2
CVE-2006-3233
Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released prior to 06/18/2006, allows remote malicious users to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the ...
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 2.41
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 2.51
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.5
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.32
Open Webmail Open Webmail
6.8
CVSSv2
CVE-2006-2190
Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMail (OWM) 2.51 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the sessionid parameter in (1) openwebmail-send.pl, (2) openwebmail-advsearch.pl, (3) openwebmail-fold...
Open Webmail Open Webmail 2.01
Open Webmail Open Webmail 1.7
Open Webmail Open Webmail 2.50
Open Webmail Open Webmail
Open Webmail Open Webmail 2.41
Open Webmail Open Webmail 2.00
Open Webmail Open Webmail 1.81
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 2.21
Open Webmail Open Webmail 1.71
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.10
Open Webmail Open Webmail 2.20
Open Webmail Open Webmail 2.40
Open Webmail Open Webmail 1.8
Open Webmail Open Webmail 1.90
Open Webmail Open Webmail 2.32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started