Vulnerabilities > Afterlogic > Webmail PRO
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-07 | CVE-2021-26294 | Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. | 5.0 |
2021-03-04 | CVE-2021-26293 | Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. | 6.8 |
2019-11-26 | CVE-2019-19129 | Cross-site Scripting vulnerability in Afterlogic Aurora and Webmail PRO Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name. | 4.3 |
2010-03-26 | CVE-2009-4743 | Cross-Site Scripting vulnerability in Afterlogic Webmail PRO 4.5 Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters. | 4.3 |