Vulnerabilities > Omail
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-05-04 | CVE-2004-1993 | Remote Command Execution Variant vulnerability in Omail Webmail 0.97.3/0.98.3/0.98.5 The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password. | 10.0 |
2003-08-19 | CVE-2003-1202 | Remote Command Execution vulnerability in Omail Webmail 0.97.3/0.98.4 The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. | 10.0 |