Published: 17/08/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 450

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
merak mail server 7.4.5

source: wwwsecurityfocuscom/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure vulnerability - An SQL injection vulnerability T ...

source: wwwsecurityfocuscom/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure vulnerability - An SQL injection vulnerability Thes ...

source: wwwsecurityfocuscom/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure vulnerability - An SQL injection vulnerability ...

NVD-CWE-Other http://packetstormsecurity.nl/0408-exploits/merak527.txt http://www.securityfocus.com/bid/10966 http://www.osvdb.org/9037 http://www.osvdb.org/9038 http://www.osvdb.org/9039 http://www.osvdb.org/9040 http://www.osvdb.org/9041 http://www.osvdb.org/9042 http://secunia.com/advisories/12269 http://securitytracker.com/id?1010969 http://marc.info/?l=bugtraq&m=109279057326044&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/17024 https://nvd.nist.gov https://www.exploit-db.com/exploits/24378/

CVE-2004-1719

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect