CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7062
https://notcve.org/view.php?id=CVE-2006-7062
24 Feb 2007 — calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter, which leaks the path in an error message. calendar.php en Kamgaing Email System (kmail) 2.3 y anteriores permiten a atacantes remotos obtener la ruta completa del servidor a través de un parámetro d inválido, lo cual filtra la ruta en un mensaje de error. • http://pridels0.blogspot.com/2006/04/kmail-23-vuln.html •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 1CVE-2006-2104
https://notcve.org/view.php?id=CVE-2006-2104
29 Apr 2006 — Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) d parameter to main.php, ordner parameter to (2) main.php, or (3) webdisk.php, (4) draft parameter to compose.php, or (5) m, or (6) y parameter to calendar.php. • http://pridels0.blogspot.com/2006/04/kmail-23-vuln.html •
CVSS: 5.3EPSS: 3%CPEs: 2EXPL: 3CVE-2005-0404 – KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing
https://notcve.org/view.php?id=CVE-2005-0404
13 Apr 2005 — KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. • https://www.exploit-db.com/exploits/25375 •