fkie_cve-2007-0651
Vulnerability from fkie_nvd
Published
2007-02-15 23:28
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*",
"matchCriteriaId": "D078B497-4C3C-4246-87C5-58DC5EEED452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*",
"matchCriteriaId": "97DD9EC9-1A27-4A96-95A1-086DEA1E3890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*",
"matchCriteriaId": "193959CF-DAF3-4C62-8DB0-660115E1D41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*",
"matchCriteriaId": "8A827A0E-BDF2-4BAB-9F52-0014FE6E4B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*",
"matchCriteriaId": "82CF54A9-CF50-4B23-8E3A-AFB08F7F98F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*",
"matchCriteriaId": "51BA53BA-CDF5-42EC-8D2B-EC24FDF82931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B1E90C-AA06-4A89-90B3-0E7140F9B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*",
"matchCriteriaId": "060D809A-C603-4E06-9F57-3C76FEE6F86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*",
"matchCriteriaId": "D53DE94B-0C32-4DDB-B13B-7B05208477AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5EA901-CD07-464B-8EB0-8F845EDABAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*",
"matchCriteriaId": "92B2611A-D7CF-441A-BA60-F27CF28BEB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*",
"matchCriteriaId": "7139C2FC-4DA3-4193-B130-05524EB97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*",
"matchCriteriaId": "C78B7FD6-2433-4EAA-8B3E-0507F81D54FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8B058B-F517-46C4-AC05-8EC258E38A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF16E400-930E-4845-BB23-ED1217505302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFAF9C8-DB67-446E-B63C-530CB0C170B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "08F30383-D23F-4CA5-BC02-7716398BC042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADEF40C-4C56-4893-B757-15966ED5A925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE40F5BA-6174-4959-BFD1-CCECAB138009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "430C8E86-F7CA-4217-A3C1-71CBE5CAB825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D35AD18C-CA58-4DFC-A60F-49B698607B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B219EBD1-B0E9-4599-B633-AA4C227E5854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81249BA3-3D1D-4388-BE8D-28AB5CA3AFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "771D029C-9F4A-41F9-8F86-F1B1BD38B329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F32956E6-A13B-4663-BBC9-FEB08A1DCC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1AABE2F0-FEC1-4BDE-B1C0-92FF2CEA48E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "652F54CA-1CCA-4BC9-8728-A0F6FABF8817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*",
"matchCriteriaId": "269BCB9D-9AEF-40E2-8291-50EC2A083775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*",
"matchCriteriaId": "88435083-D7A8-4679-BEB1-4B6526454C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*",
"matchCriteriaId": "145A8B1A-573D-4695-B66A-FF8EA2556DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "C9572349-9433-415F-B81B-10A1375AF33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*",
"matchCriteriaId": "4F785125-F530-4674-B2B3-0D97E8397391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*",
"matchCriteriaId": "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
"matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*",
"matchCriteriaId": "652E1512-B1B1-44B5-93CF-9C526B95BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2835FBA2-79E4-4541-913C-21BAD3320D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9449E3-1CEA-40AF-BD00-94B56E38AF5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "39724984-2A10-441F-A103-2DFA693F4F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*",
"matchCriteriaId": "D01DB7FF-7171-43D2-96F3-E5C0AABA4877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*",
"matchCriteriaId": "77B95FCC-55C7-4B44-B8C7-85792C7E91BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*",
"matchCriteriaId": "16E07556-02E5-42FA-9338-3176EB2ED536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*",
"matchCriteriaId": "539C5F71-83FC-455C-8180-72C9F1E2C4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C4D762-BF84-4734-B9AD-ED9F3FB85D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B410FC-650E-4E51-8634-D99113E8B1AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*",
"matchCriteriaId": "45C6B358-93A6-4A9A-B284-9DFA9C981620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2638B249-E955-48B3-A309-EF92737E015D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*",
"matchCriteriaId": "2F275DA6-7799-4B51-8F9C-DD23E8A3C5AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB961BA-8FAB-4FC5-B582-AF758E7D0E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*",
"matchCriteriaId": "A400F721-435F-4EBA-8BC2-92E4769A35A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*",
"matchCriteriaId": "61206A1A-FF1A-4A45-8952-509168BD8495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0576FE-F0BC-4DA7-B007-7DA49F369700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2826B3D-44E0-4D4B-A681-8C3DADF522F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "662AEDE4-698E-4C78-93B4-4B915749DF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "87E5107B-BDC2-4972-A3A4-AA6782E46B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6739BEA4-C75F-476E-AF5D-449D8236E042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD0D1C2-A067-4F86-9179-ED1C263BE5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBA085C-8A89-4625-9811-AF1B615F5939",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en MailEnable Professional versiones anteriores a 2.37 permite a atacantes remotos inyectar scripts Javascript de su elecci\u00f3n mediante (1) mensajes de correo electr\u00f3nico y (2) el par\u00e1metro ID en(a) right.asp, (b) Forms/MAI/list.asp, y (c) Forms/VCF/list.asp en mewebmail/base/default/lang/EN/."
}
],
"id": "CVE-2007-0651",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-02-15T23:28:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33188"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33189"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/33190"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-38/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mailenable.com/Professional20-ReleaseNotes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32480"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…