Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
v-webmail vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-0792
Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remote malicious users to inject arbitrary web script or HTML via the newid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
V-webmail V-webmail 1.6.1
V-webmail V-webmail 1.6.2
1 EDB exploit
5
CVSSv2
CVE-2006-0793
frameset.php in V-webmail 1.6.2 allows remote malicious users to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
V-webmail V-webmail 1.6.2
V-webmail V-webmail 1.6.1
5
CVSSv2
CVE-2006-0794
help.php in V-webmail 1.6.2 allows remote malicious users to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
V-webmail V-webmail 1.6.1
V-webmail V-webmail 1.6.2
7.5
CVSSv2
CVE-2006-2666
PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 up to and including 1.6.4 allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
V-webmail V-webmail
1 EDB exploit
7.5
CVSSv2
CVE-2006-2665
PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
V-webmail V-webmail
1 EDB exploit
5
CVSSv2
CVE-2008-3060
V-webmail 1.5.0 allows remote malicious users to obtain sensitive information via (1) malformed input in the login page (includes/local.hooks.php) and (2) an invalid session ID, which reveals the installation path in an error message.
V-webmail V-webmail 1.5.0
4.3
CVSSv2
CVE-2008-3061
Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter.
V-webmail V-webmail 1.5.0
7.5
CVSSv2
CVE-2008-3063
SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote malicious users to execute arbitrary SQL commands via the username parameter.
V-webmail V-webmail 1.5.0
6.8
CVSSv2
CVE-2008-6840
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) Net/Socket.php, (c) XML/Parser.php, (d) XML/Tree.php, (e) Mail/mimeDecode.p...
Christof Bruyland V-webmail 1.6.4
13 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started