Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
3a2774bb8454eb33abd06b33e79cff19
Hastymail2 Webmail version 1.1 RC2 suffers from a stored cross site scripting vulnerability.
5774bbde56560dbf01b2cb384bac46d7
T-dah Webmail version 3.2.0 suffers from stored cross site scripting vulnerabilities.
da3b6df37920aa7adb6c153a83a4d50e
Roundcube Webmail version 0.8.0 suffers from multiple stored cross site scripting vulnerabilities.
89c5f2e08a58d9093ced0edf0cb5dd57
Secunia Security Advisory - A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
95098619bda89d7433571c744a3bf484
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
62016ae77cebb5a793859c9cd99e0c1f
Secunia Security Advisory - A vulnerability has been discovered in WinWebMail Server, which can be exploited by malicious people to conduct script insertion attacks.
6e37447a4cf264feda8d80e5d80589a2
Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Inout Webmail, which can be exploited by malicious people to conduct script insertion attacks.
3c521ab9f8dca745d7313d986d3eae15
Inoutmail Webmail CMS 2012 suffers from a cross site scripting vulnerability.
5c79be60f8d9872fca01f04dc56ca0d5
Atmail WebAdmin and Webmail Control Panel suffers from a SQL root password disclosure vulnerability.
5c9ac782df027f25b54222574b6cff14
Secunia Security Advisory - A vulnerability has been reported in IMP Webmail Client, which can be exploited by malicious people to conduct script insertion attacks.
2beb5bcac35db1d121a5e8884e8c01f6
Debian Linux Security Advisory 2485-1 - Multiple cross-site scripting (XSS) vulnerabilities were discovered in IMP, the webmail component in the Horde framework. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via various crafted parameters.
8330a9e867bd11a98ea504ffd5b5eff6
Secunia Security Advisory - Horde have acknowledged multiple vulnerabilities in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting attacks.
1939ce7ab65f8d74a6783fd2f0e012d1
Mandriva Linux Security Advisory 2012-072 - The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an e-mail message, related to a login CSRF issue. Various other issues have also been addressed.
7f7ad031bd4842fda2bce59bb38f463e
Secunia Security Advisory - A security issue and some vulnerabilities have been reported in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and compromise a vulnerable system.
ea9ce3486da881e5176d80a891c9cf0c
Red Hat Security Advisory 2012-0103-01 - SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. Multiple cross-site scripting flaws were found in SquirrelMail. A remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.
9446f18bb80aba02d2ea7a955548017a
Secunia Security Advisory - Multiple vulnerabilities have been reported in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
f758b16e175b92afacab6591e16971b1
ATMAIL WebMail Admin version 6.3.4 suffers from multiple cross site scripting / malicious script insertion vulnerabilities.
7f71f1e2873e26089862e8406271102a
ATMAIL WebMail version 6.3.4 suffers from a cross site scripting vulnerability.
903c76318fb7a6b43a89964d8ecad3f7
Secunia Security Advisory - Vulnerability Research Laboratory has reported a vulnerability in @Mail Webmail Client, which can be exploited by malicious users to conduct script insertion attacks.
741299bb1b28860107e16e9885be9789
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site scripting attacks.
c5563f1cc40621271e89388cc3395b06
Debian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.
38f07346e3e190147cb8f6a58cbc1762
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to bypass certain security restrictions.
eadde08ab0dcc8cb55d6e45bc7a0c85b
Debian Linux Security Advisory 2204-1 - Moritz Naumann discovered that imp4, a webmail component for the horde framework, is prone to cross-site scripting attacks by a lack of input sanitizing of certain fetchmail information.
d3997e02b1384865fee7f27e1b6eebe1
Inout Webmail suffers from a cross site scripting vulnerability.
068c988b7e5da1150720e7a90e4edc56
Uebimiau Webmail version 3.2.0-2.0 suffers from a local file inclusion vulnerability.
bdb72afa8d9d342f43c1396ec6e37c35