Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messenger vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6452
Axway Secure Messenger prior to 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote malicious users to enumerate users via a series of requests.
Axway Email Firewall -
Axway Secure Messenger 6.3.2
Axway Secure Messenger
5.4
CVSSv3
CVE-2021-45889
An issue exists in PONTON X/P Messenger prior to 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or private/index.jsp?activ...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
NA
CVE-2008-6797
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote malicious users to obtain sensitive information by sniffing the network.
Mitel Mitel Nupoint Messenger R3
Mitel Mitel Nupoint Messenger R11
8.8
CVSSv3
CVE-2021-45886
An issue exists in PONTON X/P Messenger prior to 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user (such as operator) can be used to confirm actions of higher-privile...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
4.8
CVSSv3
CVE-2021-45888
An issue exists in PONTON X/P Messenger prior to 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the rol...
Ponton X\\/p Messenger 3.8.0
Ponton X\\/p Messenger 3.10.0
6.1
CVSSv3
CVE-2020-17476
Mibew Messenger prior to 3.2.7 allows XSS via a crafted user name.
Mibew Messenger
NA
CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote malicious users to inject arbitrary web script or HTML via a URL at the online service.
Yahoo Messenger
NA
CVE-2004-0043
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature.
Yahoo Messenger
5.4
CVSSv3
CVE-2023-30095
A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field.
Totaljs Messenger -
5.4
CVSSv3
CVE-2023-30096
A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field.
Totaljs Messenger -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »