Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atmail atmail vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-24133
Atmail v6.6.0 exists to contain a SQL injection vulnerability via the username parameter on the login page.
Atmail Atmail 6.6.0
Atmail Atmail 6.3.0
NA
CVE-2010-4930
Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail prior to 6.2.0 allows remote malicious users to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.
Atmail Webmail 6.1.6
Atmail Webmail 6.1.5
Atmail Webmail 6.1.4
Atmail Webmail 6.1.3
Atmail Webmail 6.1.8
Atmail Webmail 6.1.7
Atmail Webmail
Atmail Webmail 6.1.2
1 EDB exploit
8.8
CVSSv3
CVE-2017-9519
atmail prior to 7.8.0.2 has CSRF, allowing an malicious user to create a user account.
Atmail Atmail
6.1
CVSSv3
CVE-2017-11617
Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote malicious users to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes.
Atmail Atmail
8.8
CVSSv3
CVE-2017-9517
atmail prior to 7.8.0.2 has CSRF, allowing an malicious user to upload and import users via CSV.
Atmail Atmail
8.8
CVSSv3
CVE-2017-9518
atmail prior to 7.8.0.2 has CSRF, allowing an malicious user to change the SMTP hostname and hijack all emails.
Atmail Atmail
NA
CVE-2013-6229
Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResu...
Atmail Atmail 7.0.2
3 EDB exploits
NA
CVE-2006-6704
Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail prior to 4.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving "unescaped data in the database."
Atmail Atmail Webadmin
6.1
CVSSv3
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.
Atmail Atmail 6.5.0
NA
CVE-2006-0611
Directory traversal vulnerability in compose.pl in @Mail 4.3 and previous versions for Windows allows remote malicious users to upload arbitrary files to arbitrary locations via a .. (dot dot) in the unique parameter.
Atmail Atmail 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »