Published: 28/01/2005 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) note, (4) title, and (5) location fields to calendar.html.

Vulnerable Product	Search on Vulmon	Subscribe to Product
icewarp web mail 5.3

source: wwwsecurityfocuscom/bid/12396/info Multiple remote vulnerabilities reportedly affect IceWarp Web Mail The underlying issues are due to input and access validation errors Multiple cross-site scripting and HTML injection vulnerabilities affect the vulnerable software The product is also vulnerable to a file creation with arbitra ...

source: wwwsecurityfocuscom/bid/12396/info Multiple remote vulnerabilities reportedly affect IceWarp Web Mail The underlying issues are due to input and access validation errors Multiple cross-site scripting and HTML injection vulnerabilities affect the vulnerable software The product is also vulnerable to a file creation with arbit ...

NVD-CWE-Other http://www.securityfocus.com/bid/12396 http://marc.info/?l=bugtraq&m=110693950205007&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/19147 https://nvd.nist.gov https://www.exploit-db.com/exploits/25068/

CVE-2005-0320

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect