IDCVSSSummaryLast (major) updatePublished
CVE-2008-3395 5.0
Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information by reading these files. NOTE: the provenance of thi
08-08-2017 - 01:31 31-07-2008 - 16:41
CVE-2008-3579 7.8
Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote attackers to obtain sensitive information by creating and downloading a backup archive of the entire @Mail directory tree. N
08-08-2017 - 01:32 10-08-2008 - 21:41
CVE-2006-6700 6.8
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grac
05-09-2008 - 21:15 23-12-2006 - 01:28
CVE-2007-6196 4.3
Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail before 5.2 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
29-07-2017 - 01:34 01-12-2007 - 06:46
CVE-2006-0842 4.3
Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by "java	
20-07-2017 - 01:30 22-02-2006 - 02:02
Back to Top Mark selected
Back to Top