Vulnerabilities > Emumail > EMU Webmail
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2385 | Multiple vulnerability in Emumail EMU Webmail 5.2.7 EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | 5.0 |
2004-12-31 | CVE-2004-2334 | Multiple vulnerability in Emumail EMU Webmail 5.2.7 Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or Javascript in the (3) username or (4) password field in the login page. network emumail | 4.3 |
2003-04-02 | CVE-2002-1527 | Path Disclosure vulnerability in Emumail EMU Webmail 5.0 emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | 5.0 |
2003-04-02 | CVE-2002-1526 | Unspecified vulnerability in Emumail EMU Webmail 5.0 Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field. network emumail | 4.3 |