Vulnerabilities > Neomail
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-02 | CVE-2006-2138 | Cross-Site Scripting vulnerability in Neomail 1.29 Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter. network neomail | 4.3 |
2006-02-15 | CVE-2006-0711 | Unspecified vulnerability in Neomail The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl in NeoMail 1.28 do not validate the Session ID, which allows remote attackers to add and delete arbitrary files, when configured with homedirfolders and homedirspools disabled. | 5.0 |
2006-02-04 | CVE-2006-0536 | Cross-Site Scripting vulnerability in Neomail 1.27 Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. network neomail | 4.3 |