Vulnerabilities > Netwin > Surgemail

DATE CVE VULNERABILITY TITLE RISK
2007-08-16 CVE-2007-4372 Remote Security vulnerability in Netwin Surgemail 38K
Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors.
network
low complexity
microsoft netwin
critical
 10.0
10
2007-05-14 CVE-2007-2655 USE of Externally-Controlled Format String vulnerability in Netwin Surgemail and Webmail
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
network
low complexity
netwin CWE-134
7.5
7.5
2005-05-24 CVE-2005-1714 Unspecified vulnerability in Netwin Surgemail 3.0C2
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
network
netwin
4.3
4.3
2005-05-02 CVE-2005-0846 Cross-Site Scripting vulnerability in Netwin Surgemail 2.2G3
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.
network
netwin
4.3
4.3
2005-05-02 CVE-2005-0845 Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a ..
network
low complexity
netwin
5.0
5.0
2004-12-31 CVE-2004-2548 Input Validation vulnerability in Netwin Surgemail and Webmail
Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form.
network
netwin
4.3
4.3
2004-12-31 CVE-2004-2547 Input Validation vulnerability in Netwin Surgemail and Webmail
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
network
high complexity
netwin
2.6
2.6
2004-12-31 CVE-2004-2537 Unspecified vulnerability in NetWin SurgeMail Webmail
Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."
network
low complexity
netwin
critical
 10.0
10