CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2820
https://notcve.org/view.php?id=CVE-2005-2820
07 Sep 2005 — Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]". • http://marc.info/?l=bugtraq&m=112607033030475&w=2 •
CVSS: 6.1EPSS: 11%CPEs: 1EXPL: 4CVE-2005-2769 – SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection
https://notcve.org/view.php?id=CVE-2005-2769
02 Sep 2005 — Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail. • https://www.exploit-db.com/exploits/26200 •
CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2005-2724
https://notcve.org/view.php?id=CVE-2005-2724
29 Aug 2005 — Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer. • http://marc.info/?l=bugtraq&m=112490698219531&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 9EXPL: 1CVE-2005-1308 – SqWebMail 3.x/4.0 - HTTP Response Splitting
https://notcve.org/view.php?id=CVE-2005-1308
15 Apr 2005 — SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. • https://www.exploit-db.com/exploits/25534 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2004-2313
https://notcve.org/view.php?id=CVE-2004-2313
31 Dec 2004 — Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks. • http://www.securityfocus.com/archive/1/352317 •
CVSS: 6.8EPSS: 12%CPEs: 1EXPL: 2CVE-2004-0591 – SqWebMail 4.0.4.20040524 - Email Header HTML Injection
https://notcve.org/view.php?id=CVE-2004-0591
24 Jun 2004 — Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función print_header_uc de SqWebMail 4.0.4 y anteriores, y posiblemente 3.x, permite a atacantes remotos inyectar script web arbitrario o HTML mediante (1) cabec... • https://www.exploit-db.com/exploits/24227 •
CVSS: 9.8EPSS: 3%CPEs: 22EXPL: 0CVE-2004-0224
https://notcve.org/view.php?id=CVE-2004-0224
16 Mar 2004 — Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." Múltiples desobordamientos de búfer en (1) iso2022jp.c o (2) shiftjis.c de Courier-IMAP anteriores a 3.0.0, Courier anteriores a 0.45, y SQWebMail anteriores a 4.0.0 pueden permitir a atacantes remotos ejecutar código arbitrario "cuando el carácter Unicode está fuera de ... • http://secunia.com/advisories/11087 •