VYPR

Neon Webmail

by Neosys

CVEs (6)

  • CVE-2006-4955Sep 23, 2006
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.

  • CVE-2006-4952Sep 23, 2006
    risk 0.04cvss epss 0.08

    The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary users between different mail folders, specified by the folderid and tofolderid parameters, via the ID parameter.

  • CVE-2006-4954Sep 23, 2006
    risk 0.04cvss epss 0.08

    The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4)…

  • CVE-2006-4956Sep 23, 2006
    risk 0.03cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in the updateuser servlet in Neon WebMail for Java before 5.08 allows remote attackers to inject arbitrary web script or HTML via the in_name parameter, as used by the Name field.

  • CVE-2006-4953Sep 23, 2006
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in…

  • CVE-2006-4951Sep 23, 2006
    risk 0.00cvss epss 0.03

    Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename.