Filtered by vendor Emumail
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2334 | 1 Emumail | 1 Emu Webmail | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or Javascript in the (3) username or (4) password field in the login page. | |||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2017-07-10 | 5.0 MEDIUM | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | |||||
| CVE-2002-1526 | 1 Emumail | 1 Emu Webmail | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field. | |||||
| CVE-2002-1527 | 1 Emumail | 1 Emu Webmail | 2008-09-05 | 5.0 MEDIUM | N/A |
| emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | |||||
| CVE-2002-0531 | 1 Emumail | 3 Emumail, Emumail Red Hat Linux, Emumail Unix | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter. | |||||
| CVE-2002-0532 | 1 Emumail | 3 Emumail, Emumail Red Hat Linux, Emumail Unix | 2008-09-05 | 7.2 HIGH | N/A |
| EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters. | |||||