VYPR

IMP Webmail Client

by Horde (software)

CVEs (1)

  • CVE-2007-6018Jan 11, 2008
    risk 0.00cvss epss 0.02

    IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a…