Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atmail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4540
Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote malicious users to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php.
Atmail Atmail Open 1.04
1 EDB exploit
NA
CVE-2008-3579
Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote malicious users to obtain sensitive information by creating and downloading a backup archive of the entire @Mail directory tree. NOTE: this can be leverage...
Calacode Atmail 5.41
NA
CVE-2009-2455
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained sol...
Atmail \\@tmail 5.6.1
NA
CVE-2008-3395
Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information by reading these files. NOTE: the provenance of this information is unknown; the d...
Calacode Atmail 5.41
NA
CVE-2007-6196
Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail prior to 5.2 allows remote malicious users to inject arbitrary web script or HTML via the func parameter.
Calacode Atmail Webmail System
NA
CVE-2006-6700
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Calacode Atmail Webmail System
NA
CVE-2006-0842
Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote malicious users to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by "java	script:." ...
Calacode Atmail Webmail System 4.3
NA
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4