CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4372
https://notcve.org/view.php?id=CVE-2007-4372
Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. Vulnerabilidad no especificada en NetWin SurgeMail 38k en Windows Server 2003 tiene impacto y vectores desconocidos. NOTA: esta información está basada en información imprecisa que proviene de una organización de venta de información de vulnerabilidades que no se coordina con los fabricantes ni libera avisos con información útil. • http://osvdb.org/46400 http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000078 •
CVSS: 7.5EPSS: 10%CPEs: 5EXPL: 0CVE-2007-2655
https://notcve.org/view.php?id=CVE-2007-2655
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution. Una vulnerabilidad no especificada en NetWin Webmail versión 3.1s-1 en SurgeMail versiones anteriores a 3.8i2, presenta un impacto desconocido y vectores de ataque remoto, posiblemente una vulnerabilidad de cadena de formato que permite la ejecución de código remota. • http://osvdb.org/35891 http://secunia.com/advisories/25207 http://www.netwinsite.com/surgemail/help/updates.htm http://www.securityfocus.com/bid/23908 http://www.vupen.com/english/advisories/2007/1755 https://exchange.xforce.ibmcloud.com/vulnerabilities/34217 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1714
https://notcve.org/view.php?id=CVE-2005-1714
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://secunia.com/advisories/15425 http://www.vupen.com/english/advisories/2005/0576 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0846
https://notcve.org/view.php?id=CVE-2005-0846
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. • http://marc.info/?l=bugtraq&m=111159967417903&w=2 http://netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.surgemail&item=8814&utag= http://secunia.com/advisories/14658 http://www.security.org.sg/vuln/surgemail22g3.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0845
https://notcve.org/view.php?id=CVE-2005-0845
Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter. • http://marc.info/?l=bugtraq&m=111159967417903&w=2 http://netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.surgemail&item=8814&utag= http://secunia.com/advisories/14658 http://www.security.org.sg/vuln/surgemail22g3.html •