Vulnerabilities > Inter7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-30 | CVE-2007-0558 | Remote Security vulnerability in Inter7 Vhostadmin 1.0 PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULES_DIR parameter. | 7.5 |
2006-05-12 | CVE-2006-2346 | Authentication Bypass vulnerability in Inter7 Vpopmail vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. | 7.5 |
2006-03-10 | CVE-2006-1141 | Buffer Overflow vulnerability in Inter7 QmailAdmin PATH_INFO Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable. | 7.5 |
2005-09-07 | CVE-2005-2820 | Unspecified vulnerability in Inter7 Sqwebmail 5.0.4 Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]". network inter7 | 4.3 |
2005-09-02 | CVE-2005-2769 | Unspecified vulnerability in Inter7 Sqwebmail 5.0.4 Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail. network inter7 | 4.3 |
2005-08-30 | CVE-2005-2724 | Unspecified vulnerability in Inter7 Sqwebmail Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. network inter7 | 4.3 |
2005-04-15 | CVE-2005-1308 | Unspecified vulnerability in Inter7 Sqwebmail SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. | 7.5 |
2004-12-31 | CVE-2004-2313 | Unspecified vulnerability in Inter7 Sqwebmail Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks. | 5.0 |
2004-12-31 | CVE-2004-2239 | Multiple vulnerability in Inter7 Vpopmail Vsybase.c Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | 7.5 |
2004-10-20 | CVE-2004-0777 | USE of Externally-Controlled Format String vulnerability in Inter7 Courier-Imap Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code. | 7.5 |