Vulnerabilities > V Webmail > V Webmail > 1.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-08 | CVE-2008-3061 | Remote Security vulnerability in V-Webmail 1.5.0 Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter. network v-webmail | 4.3 |
2008-10-08 | CVE-2008-3063 | SQL Injection vulnerability in V-Webmail 1.5.0 SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2008-10-08 | CVE-2008-3060 | Information Exposure vulnerability in V-Webmail 1.5.0 V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input in the login page (includes/local.hooks.php) and (2) an invalid session ID, which reveals the installation path in an error message. | 5.0 |