VYPR
Unrated severityNVD Advisory· Published Dec 23, 2006· Updated Jun 16, 2026

CVE-2006-6701

CVE-2006-6701

Description

Cross-site request forgery (CSRF) vulnerability in util.pl in @Mail WebMail 4.51, and util.php in 5.x before 5.03, allows remote attackers to modify arbitrary settings and perform unauthorized actions as an arbitrary user, as demonstrated using a settings action in the SRC attribute of an IMG element in an HTML e-mail.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Atmail/Webmail4 versions
    cpe:2.3:a:atmail:atmail_webmail:3.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:atmail:atmail_webmail:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:atmail:atmail_webmail:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:atmail:atmail_webmail:4.51:*:*:*:*:*:*:*
    • (no CPE)range: 4.51 (util.pl); 5.x <5.03 (util.php)

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.