CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 5CVE-2007-6321 – Roundcube Webmail 0.1 - CSS Expression Input Validation
https://notcve.org/view.php?id=CVE-2007-6321
Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en RoundCube webmail 0.1rc2, 2007-12-09, y versiones anteriores, cuando utiliza Internet Explorer, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de expresión que contiene los comandos. • https://www.exploit-db.com/exploits/30877 http://openmya.hacker.jp/hasegawa/security/expression.txt http://secunia.com/advisories/30734 http://securityreason.com/securityalert/3435 http://trac.roundcube.net/ticket/1484701 http://www.securityfocus.com/archive/1/484802/100/0/threaded http://www.securityfocus.com/bid/26800 https://exchange.xforce.ibmcloud.com/vulnerabilities/38981 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0CVE-2005-1819
https://notcve.org/view.php?id=CVE-2005-1819
Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://secunia.com/advisories/15518 http://www.nikosoft.net/nswm •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 1CVE-2001-0857 – Horde IMP 2.2.x - Session Hijacking
https://notcve.org/view.php?id=CVE-2001-0857
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter. • https://www.exploit-db.com/exploits/21151 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000437 http://marc.info/?l=bugtraq&m=100535679608486&w=2 http://marc.info/?l=bugtraq&m=100540578822469&w=2 http://www.caldera.com/support/security/advisories/CSSA-2001-039.0.txt http://www.osvdb.org/668 http://www.securityfocus.com/bid/3525 https://exchange.xforce.ibmcloud.com/vulnerabilities/7496 •