atmail

Top products

The 15 most recently published vulnerabilities affecting atmail.

• CVE-2024-24133Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page.9.8Feb 7, 2024
• CVE-2022-31200Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field.6.1Jul 27, 2023
• CVE-2022-30776atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.6.1May 16, 2022
• CVE-2021-43574WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer support...6.1Nov 15, 2021
• CVE-2012-2593Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.6.1Feb 6, 2020
• CVE-2017-11617Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both s...6.1Jul 25, 2017
• CVE-2017-9519atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.8.8Jun 8, 2017
• CVE-2017-9518atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails.8.8Jun 8, 2017
• CVE-2017-9517atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.8.8Jun 8, 2017
• CVE-2013-2585Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index...4.3Feb 12, 2014
• CVE-2013-6229Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/...4.3Feb 12, 2014
• CVE-2013-6028Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add user a...6.8Jan 12, 2014
• CVE-2013-6017Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web script or HTML via the body of an e-mail message, as demonstrated by the...4.3Jan 12, 2014
• CVE-2013-5034Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5033.10.0Jan 12, 2014
• CVE-2013-5033Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5034.10.0Jan 12, 2014