Sign in Get started

← All vendors

Vendor

Afterlogic

Sign in to watch

Products

7

CVEs

7

Across products

15

Status

Private

Products

7

Recent CVEs

7

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2017-14597	Med	0.31	4.8	0.00		Sep 19, 2017	AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the txtDomainName field to adminpanel/modules/pro/inc/ajax.php during addition of a domain.
CVE-2008-0333		0.04	—	0.07		Jan 17, 2008	Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter.
CVE-2007-2061		0.04	—	0.08		Apr 18, 2007	Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2012-2587		0.03	—	0.00		Aug 12, 2012	Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of (1) an IFRAME element or (2) a SCRIPT element.
CVE-2009-4743		0.03	—	0.02		Mar 26, 2010	Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
CVE-2008-0631		0.03	—	0.03		Feb 6, 2008	Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwrite arbitrary files via the SaveToDisk method, or (2) modify files via the AddStringToFile method.
CVE-2007-5290		0.03	—	0.02		Oct 9, 2007	Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode.