Vulnerabilities > Inter7 > Sqwebmail > 3.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-30 | CVE-2005-2724 | Unspecified vulnerability in Inter7 Sqwebmail Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. network inter7 | 4.3 |
2005-04-15 | CVE-2005-1308 | Unspecified vulnerability in Inter7 Sqwebmail SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. | 7.5 |
2004-12-31 | CVE-2004-2313 | Unspecified vulnerability in Inter7 Sqwebmail Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks. | 5.0 |