Merak Mail Server 7.4.5 - 'attachment.html?attachmentpage_text_error' Cross-Site Scripting
| EKU-ID: 29793 | CVE: CVE-2004-1719;OSVDB-9040 | OSVDB-ID: |
| Author: Criolabs | Published: 2004-07-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29793 | CVE: CVE-2004-1719;OSVDB-9040 | OSVDB-ID: |
| Author: Criolabs | Published: 2004-07-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure vulnerability - An SQL injection vulnerability These vulnerabilities are reported to exist in versions prior to 7.5.2. /attachment.html?attachmentpage_text_error=">[XSS]