Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atmail atmail vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2011-4540
Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote malicious users to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php.
Atmail Atmail Open 1.04
1 EDB exploit
694
VMScore
CVE-2008-3579
Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote malicious users to obtain sensitive information by creating and downloading a backup archive of the entire @Mail directory tree. NOTE: this can be leverage...
Calacode Atmail 5.41
383
VMScore
CVE-2009-2455
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained sol...
Atmail \\@tmail 5.6.1
445
VMScore
CVE-2008-3395
Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information by reading these files. NOTE: the provenance of this information is unknown; the d...
Calacode Atmail 5.41
605
VMScore
CVE-2006-6700
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Calacode Atmail Webmail System
383
VMScore
CVE-2007-6196
Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail prior to 5.2 allows remote malicious users to inject arbitrary web script or HTML via the func parameter.
Calacode Atmail Webmail System
383
VMScore
CVE-2006-0842
Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote malicious users to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by "java	script:." ...
Calacode Atmail Webmail System 4.3
1000
VMScore
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4