Vulnerabilities > Aeromail
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0411 | Unspecified vulnerability in Aeromail Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line. | 7.5 |
2002-07-26 | CVE-2002-0410 | Unspecified vulnerability in Aeromail send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | 5.0 |