Postmaster
Sign in to watchby Woppoware
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2005-1652 | 0.00 | — | 0.00 | May 18, 2005 | message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to bypass authentication by modifying the email parameter. | ||
| CVE-2005-1653 | 0.00 | — | 0.01 | May 18, 2005 | Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||
| CVE-2005-1651 | 0.00 | — | 0.00 | May 18, 2005 | Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm parameter. | ||
| CVE-2005-1650 | 0.00 | — | 0.01 | May 18, 2005 | The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. |