Vulnerabilities > Inter7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-06 | CVE-2004-0591 | HTML Injection vulnerability in Inter7 Sqwebmail 4.0.4 Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type. network inter7 | 6.8 |
| 2004-04-15 | CVE-2004-0224 | Remote Buffer Overflow vulnerability in Courier Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." | 7.5 |
| 2003-04-11 | CVE-2002-1414 | Local Buffer Overflow vulnerability in qmailadmin Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable. | 4.6 |
| 2003-02-19 | CVE-2003-0040 | SQL Injection vulnerability in Courier-IMAP Username SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. | 7.5 |
| 2001-09-04 | CVE-2001-0990 | Authentication Data Recovery vulnerability in Inter7 vpopmail MySQL Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | 4.6 |
| 2000-01-21 | CVE-2000-0091 | Unspecified vulnerability in Inter7 Vpopmail Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | 10.0 |