Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3170 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to redirect.php or (2) the selected_theme parameter to demo/pop3/error.php.
|
29-07-2017 - 01:32 | 11-06-2007 - 22:30 | |
CVE-2007-3172 | 5.0 |
Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter.
|
29-07-2017 - 01:32 | 11-06-2007 - 22:30 | |
CVE-2007-3171 | 5.0 |
Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/error.php with an invalid value of the (1) smarty or (2) selected_theme parameter, which reveals the path in various error messages.
|
29-07-2017 - 01:32 | 11-06-2007 - 22:30 |