Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messenger vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-6452
Axway Secure Messenger prior to 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote malicious users to enumerate users via a series of requests.
Axway Email Firewall -
Axway Secure Messenger 6.3.2
Axway Secure Messenger
7.8
CVSSv2
CVE-2008-6797
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote malicious users to obtain sensitive information by sniffing the network.
Mitel Mitel Nupoint Messenger R3
Mitel Mitel Nupoint Messenger R11
6.8
CVSSv2
CVE-2021-45886
An issue exists in PONTON X/P Messenger prior to 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user (such as operator) can be used to confirm actions of higher-privile...
Ponton X/p Messenger 3.10.0
Ponton X/p Messenger 3.8.0
7.5
CVSSv2
CVE-2021-45887
An issue exists in PONTON X/P Messenger prior to 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an i...
Ponton X/p Messenger 3.10.0
Ponton X/p Messenger 3.8.0
3.5
CVSSv2
CVE-2021-45888
An issue exists in PONTON X/P Messenger prior to 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the rol...
Ponton X/p Messenger 3.10.0
Ponton X/p Messenger 3.8.0
3.5
CVSSv2
CVE-2021-45889
An issue exists in PONTON X/P Messenger prior to 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or private/index.jsp?activ...
Ponton X/p Messenger 3.10.0
Ponton X/p Messenger 3.8.0
10
CVSSv2
CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and previous versions, as used in multiple products, allow remote malicious users to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tR...
Microsoft Msn Messenger 6.1
Greg Roelofs Libpng
Microsoft Msn Messenger 6.2
Microsoft Windows Messenger 5.0
Microsoft Windows Media Player 9
Microsoft Windows Me
Microsoft Windows 98se
3 EDB exploits
2 Github repositories
9.3
CVSSv2
CVE-2007-4515
Buffer overflow in a certain ActiveX control in YVerInfo.dll prior to 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger prior to 8.1.0.419 allows remote malicious users to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info...
Yahoo Messenger
2 EDB exploits
2.6
CVSSv2
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
4.3
CVSSv2
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »