VYPR
Vendor

Mail

Products
3
CVEs
8
Across products
8
Status
Private

Products

3

Recent CVEs

8
  • CVE-2025-9102MedAug 18, 2025
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application…

  • CVE-1999-0404Feb 14, 1999
    risk 0.04cvss epss 0.10

    Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.

  • CVE-2010-4930Oct 9, 2011
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.

  • CVE-2000-0985Dec 19, 2000
    risk 0.03cvss epss 0.05

    Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command.

  • CVE-2009-2455Jul 14, 2009
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely…

  • CVE-2008-4045Sep 11, 2008
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 allow remote attackers to inject arbitrary web script or HTML via the (1) file and (2) HelpFile parameters to parse.php, the (3) Folder and (4) start parameters to showmail.php, and the (5) abookview parameter to…

  • CVE-2007-0953Feb 15, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.

  • CVE-2006-6700Dec 23, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.