CVSS: 4.3EPSS: 5%CPEs: 2EXPL: 1CVE-2007-2718 – CommuniGate Pro 5.1.8 - Web Mail HTML Injection
https://notcve.org/view.php?id=CVE-2007-2718
Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el sistema WebMail de Stalker CommuniGate Pro 5.1.8 y anteriores, utilizando Microsoft Internet Explorer, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante etiquetas STYLE manipuladas artesanalmente. • https://www.exploit-db.com/exploits/30027 http://marc.info/?l=full-disclosure&m=117900749209206&w=2 http://osvdb.org/36017 http://secunia.com/advisories/25250 http://www.communigate.com/CommuniGatePro/History51.html http://www.scanit.be/advisory-2007-05-12.html http://www.securityfocus.com/bid/23950 http://www.securitytracker.com/id?1018048 http://www.vupen.com/english/advisories/2007/1795 https://exchange.xforce.ibmcloud.com/vulnerabilities/34266 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0CVE-2006-3477
https://notcve.org/view.php?id=CVE-2006-3477
Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox. Vulnerabilidad no especificada en el servicio POP de Stalker CommuniGate Pro 5.1c1 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída de servidor) a través de vectores no especificados involucrando la apertura de un buzón de entrada vacío. • http://secunia.com/advisories/20905 http://www.communigate.com/CommuniGatePro/History.html http://www.securityfocus.com/bid/18770 http://www.vupen.com/english/advisories/2006/2632 https://exchange.xforce.ibmcloud.com/vulnerabilities/27500 •
CVSS: 7.5EPSS: 31%CPEs: 14EXPL: 1CVE-2006-0468 – CommuniGate Pro 5.0.6 - Server LDAP Denial of Service
https://notcve.org/view.php?id=CVE-2006-0468
CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite. • https://www.exploit-db.com/exploits/27144 http://secunia.com/advisories/18640 http://www.gleg.net/advisory_cg.shtml http://www.securityfocus.com/archive/1/423364/100/0/threaded http://www.securityfocus.com/bid/16407 http://www.stalker.com/CommuniGatePro/History.html http://www.vupen.com/english/advisories/2006/0364 https://exchange.xforce.ibmcloud.com/vulnerabilities/24409 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2005-2861
https://notcve.org/view.php?id=CVE-2005-2861
Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Edition before 5.8.0.38 and Free Edition before 5.8.1.03 allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. • http://seclists.org/lists/vulnwatch/2005/Jul-Sep/0032.html http://www.cybsec.com/vuln/010905-multiple_webscanner_script_injection.pdf http://www.securityfocus.com/bid/14717 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2005-1007
https://notcve.org/view.php?id=CVE-2005-1007
Unknown vulnerability in the LIST functionality in CommuniGate Pro before 4.3c3 allows remote attackers to cause a denial of service (server crash) via certain multipart messages. • http://secunia.com/advisories/14604 http://www.osvdb.org/15257 http://www.stalker.com/CommuniGatePro/History.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19961 •