Vulnerabilities > Inter7

DATE CVE VULNERABILITY TITLE RISK
2007-01-30 CVE-2007-0558 Remote Security vulnerability in Inter7 Vhostadmin 1.0
PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULES_DIR parameter.
network
low complexity
inter7
7.5
2006-05-12 CVE-2006-2346 Authentication Bypass vulnerability in Inter7 Vpopmail
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
network
low complexity
inter7
7.5
2006-03-10 CVE-2006-1141 Buffer Overflow vulnerability in Inter7 QmailAdmin PATH_INFO
Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable.
network
low complexity
inter7
7.5
2005-09-07 CVE-2005-2820 Unspecified vulnerability in Inter7 Sqwebmail 5.0.4
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]".
network
inter7
4.3
2005-09-02 CVE-2005-2769 Unspecified vulnerability in Inter7 Sqwebmail 5.0.4
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
network
inter7
4.3
2005-08-30 CVE-2005-2724 Unspecified vulnerability in Inter7 Sqwebmail
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature.
network
inter7
4.3
2005-04-15 CVE-2005-1308 Unspecified vulnerability in Inter7 Sqwebmail
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.
network
low complexity
inter7
7.5
2004-12-31 CVE-2004-2313 Unspecified vulnerability in Inter7 Sqwebmail
Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks.
network
low complexity
inter7
5.0
2004-12-31 CVE-2004-2239 Multiple vulnerability in Inter7 Vpopmail Vsybase.c
Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code.
network
low complexity
inter7
7.5
2004-12-31 CVE-2004-2238 Multiple vulnerability in Inter7 Vpopmail Vsybase.c
** DISPUTED ** Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors.
network
low complexity
inter7
5.0