VYPR
Vendor

Imp

Products
2
CVEs
9
Across products
9
Status
Private

Products

2

Recent CVEs

9
  • CVE-2023-48974Feb 8, 2024
    risk 0.04cvss epss 0.03

    Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.

  • CVE-2002-1527Apr 2, 2003
    risk 0.04cvss epss 0.07

    emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.

  • CVE-2007-2826May 22, 2007
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in lib/addressbook.php in Madirish Webmail 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[basedir] parameter.

  • CVE-2002-1708Dec 31, 2002
    risk 0.03cvss epss 0.04

    Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.

  • CVE-2001-0857Dec 6, 2001
    risk 0.03cvss epss 0.03

    Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.

  • CVE-2003-0025Jan 17, 2003
    risk 0.02cvss epss 0.24

    Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

  • CVE-2002-0531Aug 12, 2002
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.

  • CVE-2000-0458Apr 22, 2000
    risk 0.00cvss epss 0.00

    The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.

  • CVE-2000-0459Apr 22, 2000
    risk 0.00cvss epss 0.01

    IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.