2 results (0.018 seconds)

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages. • http://secunia.com/advisories/14777 http://www.debian.org/security/2005/dsa-700 •

CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 3

Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. Vulnerabilidad de atravesamiento de directorios en nph-mr.cgi en Mailreader.com 2.3.20 a 2.3.31 permite a atacantes remotos ver ficheros de su elección mediante secuencias .. (punto punto) y un byte nulo (%00) en el parámetro configLanguage • https://www.exploit-db.com/exploits/21966 http://mailreader.com/download/ChangeLog http://www.debian.org/security/2004/dsa-534 http://www.iss.net/security_center/static/10490.php http://www.securityfocus.com/archive/1/297428 http://www.securityfocus.com/bid/6055 •