Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell groupwise webaccess 6.5 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-0296
NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parame...
Novell Groupwise 6.0
Novell Groupwise Webaccess 6.5
Novell Groupwise 6.5
Novell Groupwise Webaccess 6.0
4.3
CVSSv2
CVE-2006-3817
Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 prior to 20060727 allows remote malicious users to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+A...
Novell Groupwise Webaccess 7
Novell Groupwise Webaccess 6.5
4.3
CVSSv2
CVE-2006-3818
Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 prior to 20060721 and WebAccess 7 prior to 20060727 allows remote malicious users to inject arbitrary web script or HTML via the GWAP.version parameter.
Novell Groupwise Webaccess 7
Novell Groupwise Webaccess 6.5
4.3
CVSSv2
CVE-2005-2276
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-4557
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote malicious users to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an inco...
Novell Groupwise Webaccess 6.5
5
CVSSv2
CVE-2009-0274
Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote malicious users to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests.
Novell Groupwise 7.0
Novell Groupwise 7.02x
Novell Groupwise 8.0
Novell Groupwise 7.01
Novell Groupwise 6.5
Novell Groupwise 7.03
6.8
CVSSv2
CVE-2009-0272
Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote malicious users to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vecto...
Novell Groupwise 7.0
Novell Groupwise 7.02x
Novell Groupwise 8.0
Novell Groupwise 7.01
Novell Groupwise 6.5
Novell Groupwise 7.03
4.3
CVSSv2
CVE-2009-0273
Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other v...
Novell Groupwise 7.0
Novell Groupwise 7.02x
Novell Groupwise 8.0
Novell Groupwise 7.01
Novell Groupwise 6.5
Novell Groupwise 7.03
5
CVSSv2
CVE-2012-0410
Directory traversal vulnerability in WebAccess in Novell GroupWise prior to 8.03 allows remote malicious users to read arbitrary files via the User.interface parameter.
Novell Groupwise 7.0.4
Novell Groupwise 6.5
Novell Groupwise 6.0
Novell Groupwise 7.0
Novell Groupwise 7.03
Novell Groupwise 8.02
Novell Groupwise 5.5
Novell Groupwise 7.02
Novell Groupwise 6.5.6
Novell Groupwise 6.5.3
Novell Groupwise 8.0
Novell Groupwise 5.2
Novell Groupwise 8.00
Novell Groupwise 6.5.4
Novell Groupwise 7.01
Novell Groupwise 8.01
Novell Groupwise
Novell Groupwise 7.0.3
Novell Groupwise 6.0.1
Novell Groupwise 6.5.2
Novell Groupwise 5.57e
Novell Groupwise 6.5.7
4.3
CVSSv2
CVE-2013-1086
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise prior to 8.0.3 HP3, and 2012 before SP2, allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError attribute.
Novell Groupwise 2012
Novell Groupwise 7.0.4
Novell Groupwise 6.5
Novell Groupwise 6.0
Novell Groupwise 7.0
Novell Groupwise 7.03
Novell Groupwise 8.00
Novell Groupwise 8.02
Novell Groupwise 5.5
Novell Groupwise 7.02
Novell Groupwise 6.5.6
Novell Groupwise 6.5.3
Novell Groupwise 8.0
Novell Groupwise 8.03
Novell Groupwise 5.2
Novell Groupwise 6.5.4
Novell Groupwise 7.01
Novell Groupwise 8.01
Novell Groupwise
Novell Groupwise 7.0.3
Novell Groupwise 6.0.1
Novell Groupwise 6.5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »