Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 460

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to 1st Class Internet Solutions

Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote malicious users to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz.

Vulnerable Product	Search on Vulmon	Subscribe to Product
1st class internet solutions 1st class mail server 4.01

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions are affecte ...

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions are affec ...

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions are ...

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions are aff ...

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions are a ...

source: wwwsecurityfocuscom/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks 1st Class Mail Server version 401 is reported to be prone to these issues, however, it is possible that other versions a ...

NVD-CWE-Other http://www.securityfocus.com/bid/10089 http://www.osvdb.org/5012 http://www.osvdb.org/5013 http://www.osvdb.org/5014 http://www.osvdb.org/5015 http://www.osvdb.org/5016 http://www.osvdb.org/5017 http://securitytracker.com/alerts/2004/Apr/1009705.html http://secunia.com/advisories/11330 https://exchange.xforce.ibmcloud.com/vulnerabilities/15815 https://nvd.nist.gov https://www.exploit-db.com/exploits/23937/

CVE-2004-2447

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect