Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
f0b687fb3216938177a63fc81ec64bebd639bf70d529cb1674744db3e33e6e03
Hastymail2 Webmail version 1.1 RC2 suffers from a stored cross site scripting vulnerability.
e5603aa49a000259245c4d8c25c238c4b532a5ced67a9626f40e89c41de66dc6
T-dah Webmail version 3.2.0 suffers from stored cross site scripting vulnerabilities.
f849cce7db945350fcf31a0846493b9158d0a5016e1c297b052c01017c41218b
Roundcube Webmail version 0.8.0 suffers from multiple stored cross site scripting vulnerabilities.
6dfa0a7ef6c176b11b524cca79272af01deb78987c2cd19c827f958047b30f1e
Secunia Security Advisory - A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
b721f20d6cb0edd03301b0a7b67cc066cf4228efb6aacd786bed621d160d5e47
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
6206f9b456f976185dfbf29eddaa5d17c527e68d821d2ca6e7f9c489dbbe2901
Secunia Security Advisory - A vulnerability has been discovered in WinWebMail Server, which can be exploited by malicious people to conduct script insertion attacks.
2ef03786aabafc7ae4047d0cbed5a0232cf95609bd8294225cb171dcaceab0f6
Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Inout Webmail, which can be exploited by malicious people to conduct script insertion attacks.
758f94ecb90c9ba246456f2dc018afe833005413480d232321b3edfed53a9fae
Inoutmail Webmail CMS 2012 suffers from a cross site scripting vulnerability.
d8b9e67d54c9d90d74f9052a85dac0ea25191ec820d9607b7be90a978e3b1ab3
Atmail WebAdmin and Webmail Control Panel suffers from a SQL root password disclosure vulnerability.
02f37f360dac212fc971b316fb483fdb2f286cf0500b33dcd6659f153fdbcbc9
Secunia Security Advisory - A vulnerability has been reported in IMP Webmail Client, which can be exploited by malicious people to conduct script insertion attacks.
d6b422fac87fe944fbc538345e9ab3bb1bca256c4c1d0536404c375c0847fac0
Debian Linux Security Advisory 2485-1 - Multiple cross-site scripting (XSS) vulnerabilities were discovered in IMP, the webmail component in the Horde framework. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via various crafted parameters.
78ff1a6b297a6acfa99730fd0f218b08efac99d83225398094c9aa822f41d9a5
Secunia Security Advisory - Horde have acknowledged multiple vulnerabilities in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting attacks.
35a2b4e1a3c8019f30cdc54af7d97afc842a1d7e9bcf7f70b9b5100bde1de913
Mandriva Linux Security Advisory 2012-072 - The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an e-mail message, related to a login CSRF issue. Various other issues have also been addressed.
5db9be97f39831d6baffca7927339627ba7442fb01a60c527592f9e5db93ccb8
Secunia Security Advisory - A security issue and some vulnerabilities have been reported in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and compromise a vulnerable system.
634c4ca5040e6202ce247d3ebe32467c438a2cbed30daf3eb9588a752e176121
Red Hat Security Advisory 2012-0103-01 - SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. Multiple cross-site scripting flaws were found in SquirrelMail. A remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.
040b4b10a49caa004db71999e8f7658921ee27aeb022c6727ca45cd9c27514ad
Secunia Security Advisory - Multiple vulnerabilities have been reported in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
89da727f14c2d24e819f32c4b5e1acaca9fb6cdb8fd7e5c8382985cbd278c8bb
ATMAIL WebMail Admin version 6.3.4 suffers from multiple cross site scripting / malicious script insertion vulnerabilities.
d1825163e470bdfab3ba6725c0eba4e5771e6a3c805dd474587d85ad1043ce91
ATMAIL WebMail version 6.3.4 suffers from a cross site scripting vulnerability.
30600a8dd3c1673f810efaa94ffbd5137443707ce9b0f8e7966ee1331e55e4c9
Secunia Security Advisory - Vulnerability Research Laboratory has reported a vulnerability in @Mail Webmail Client, which can be exploited by malicious users to conduct script insertion attacks.
78330a1ea82974fb0265b8c2951ff85891ecd4d90611ebc9d778dbd85de60ce9
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site scripting attacks.
28992954f5b0f19d1aabe5debf0012b275588054f6ed8addfe4e5f79387145ed
Debian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.
bfd57caaec768d351d8f4dfd46f6825fcffeed06abe70a51896f408e20e8568b
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to bypass certain security restrictions.
d051f720e90738d482b3265792f1ecff7deb84cef0daac2cc71eb9bd290eacc8
Debian Linux Security Advisory 2204-1 - Moritz Naumann discovered that imp4, a webmail component for the horde framework, is prone to cross-site scripting attacks by a lack of input sanitizing of certain fetchmail information.
75b794e01a93ab6397be645fef518b28fe0aa9ecf3b4f695da3b856403588466
Inout Webmail suffers from a cross site scripting vulnerability.
19a7e22bb4f491ab13aba02b11265fa8009a4e3818e5d6b199ce87ab5bb1a810
Uebimiau Webmail version 3.2.0-2.0 suffers from a local file inclusion vulnerability.
7fc91fe88ddc29761c0a08cb6b86047aa397c875786e4649924f32af2a98044c