Vulnerabilities > CVE-2006-4952 - Unspecified vulnerability in Neosys Neon Webmail 5.06/5.07

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
neosys
exploit available
NVD
Published: 2006-09-23
Updated: 2024-11-21

Summary

The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary users between different mail folders, specified by the folderid and tofolderid parameters, via the ID parameter.

Vulnerable Configurations

Part Description Count
Application
Neosys
2

Exploit-Db

descriptionNeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet Arbitrary Mail Message Manipulation. CVE-2006-4952. Webapps exploit for jsp platform
idEDB-ID:28606
last seen2016-02-03
modified2006-09-20
published2006-09-20
reporterTan Chew Keong
sourcehttps://www.exploit-db.com/download/28606/
titleNeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet Arbitrary Mail Message Manipulation

References