Vulnerabilities > Open Webmail > Open Webmail > 1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2458 | Unspecified vulnerability in Open Webmail Open Webmail Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | 5.0 |
2004-12-31 | CVE-2004-2284 | Remote Command Execution Variant vulnerability in Open WebMail Vacation.PL The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument. | 10.0 |
2002-12-31 | CVE-2002-2410 | Information Exposure vulnerability in Open Webmail Open Webmail 1.7/1.71 openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | 5.0 |
2002-12-26 | CVE-2002-1385 | Unspecified vulnerability in Open Webmail Open Webmail openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. | 7.2 |