Horde Webmail version 5.2.22 suffers from code execution, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
f0b687fb3216938177a63fc81ec64bebd639bf70d529cb1674744db3e33e6e03
RedTeam Pentesting discovered a cross site scripting vulnerability in the RSS Feed Reader functionality of the IceWarp WebMail Server version 9.4.1.
2e42bb622a4dacec0f1d67284d402b1e44a4ff14fc4806b9b6687a5519290755
RedTeam Pentesting discovered a cross site scripting vulnerability in the email view functionality of the IceWarp WebMail Server version 9.4.1.
be9d226aa71cc93ab771906c27964b60cf90a9dae3f3bbee7765178365179c33
Secunia Security Advisory - A vulnerability has been reported in Horde IMP and Horde Groupware Webmail Edition, which can be exploited by malicious users to conduct spoofing attacks.
5134bbb4aa279d2ed3d3b858d36869237b618c6735e6ff5dc4f4c74488d506c3
Debian Security Advisory 1770-1 - Several vulnerabilities have been found in imp4, a webmail component for the horde framework.
2bc659c483d53207af6ea1ebe8ca483997377528e4791430f6ac0583e8d0109d
Secunia Security Advisory - Julien Cayssol has reported a vulnerability in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
c624a654afdd06714b80e09d734a0ec27e6dad3f90eba7d34ec3c907668b3c2f
RoundCube Webmail versions 0.2b and below remote code execution exploit.
f510b021ba4086a9fe8abba8d5295afa395890c7b73d7ad0f34567a43f3aa689
RoundCube Webmail versions 0.2-3 Beta and below suffer from a remote code execution vulnerability.
6f1e717d91ae7845d24e204d2ad541c1ad9795b646ca4e880f3445f8d655db66
Secunia Security Advisory - A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to compromise a vulnerable system.
421cecd020bb32be164d5e3d903a80b784f1d1b463153cd339e4aa084a34433a
Debian Security Advisory 168201 - Ivan Markovic discovered that SquirrelMail, a webmail application, did not sufficiently sanitise incoming HTML email, allowing an attacker to perform cross site scripting through sending a malicious HTML email.
b37e6d28638f92ee2556f72ac25b124f3a8848d6bb63479f35654cda8a3da5b7
U-Mail Webmail version 4.91 suffers from an arbitrary file write vulnerability.
f9f8d110fd4355bc2b7bf47b11946943d01c986403ffb69a8a7427b881900940
Secunia Security Advisory - C1c4Tr1Z has discovered some vulnerabilities in @Mail WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
36b99e246ec540a10e5deaf5e04d7adda569a0a144a80bea4f4c9550036f4d7b
V-Webmail version 1.6.4 suffers from a remote file inclusion vulnerability.
30dc271e0bfaccdbf92d3d7767417cc117cba17fad430525490f8e3cb2caf6fc
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
e0c2095e51c552e61d8cf8361bb6075b73859760ad5f7a60a8c599a7cb43204b
Horde Webmail suffers from a cross site scripting vulnerability in addevent.php.
8bab3be0ae71488b8fa438d28d35ffcf680a84400d8b911e4b97523ae6599f43
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in NetWin WebMail, which potentially can be exploited by malicious people to compromise a vulnerable system.
52969dc297025482b913e510c3816cb8c874cec95dd77271ed264341b3e0d03a
SurgeMail Mail Server version 38k4 and below and beta 39a along with Netwin's Webmail versions 3.1s and below are all susceptible to format string and buffer overflow vulnerabilities.
e952fa697baa5cd7cf0a4446ed1145fc6c1002df334d007bd01ff29eac866b6d
Proof of concept exploit for SurgeMail Mail Server version 38k4 and below and beta 39a along with Netwin's Webmail versions 3.1s and below which are all susceptible to format string and buffer overflow vulnerabilities.
3ebc17681f8932c74d7d95a7919503694f0afc2cd52cdc3dfd28a63cb7718bd8
Secunia Security Advisory - -=M.o.B=- has reported a vulnerability in MailBee WebMail Pro, which can be exploited by malicious people to disclose sensitive information.
5082e070b372cad9ea3d73d1445fa03493df23d0b32f607d19ce53e630a03232
MailBee WebMail Pro version 4.1 suffers from a remote file disclosure vulnerability.
1f8a66617da5a4d95951635a9e0eefca05834e5215a5e9990ddfcb14bcf22dd7
Secunia Security Advisory - Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
4752ef03f129a50e41a8802ba6681091496d1c8740d84d41f3d81ff431981ef5
SurgeMail version 38k4 webmail Host header denial of service exploit.
49a73d329f08f1ae216aa0a1afcac1586fb07eb9337bcfd4563e094053c43add
Proof of concept exploit for Roundcube webmail that demonstrates cross site scripting issues.
d00b7e13f833039a92b08ef1378623811397b7f0ed11d7c802cd37fd0547d0fb
Roundcube webmail does not sanitize payloads allowing for cross site scripting attacks to occur when used in conjunction with Microsoft Internet Explorer.
c514bf2d0203e08d52a83ae70c6057b6b34aa94e6ae734ad3ea9440554fa18ed
Secunia Security Advisory - Ivan Javier Sanchez has reported some vulnerabilities in MailBee WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
7ef4fd87e68b174965a3ad41549bd00cc75d8e1123408f07675f98841e74ed10
MailBee WebMail Pro versions 3.4 and below suffer from multiple cross site scripting vulnerabilities.
8528c171be555127dcec55a5c69531d596d97e13c0855c8f559060209ec22542