Products
3- 5 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9102 | Med | 0.34 | 5.3 | 0.00 | Aug 18, 2025 | A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application… | ||
| CVE-1999-0404 | 0.04 | — | 0.10 | Feb 14, 1999 | Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. | |||
| CVE-2010-4930 | 0.03 | — | 0.03 | Oct 9, 2011 | Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action. | |||
| CVE-2000-0985 | 0.03 | — | 0.05 | Dec 19, 2000 | Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command. | |||
| CVE-2009-2455 | 0.00 | — | 0.01 | Jul 14, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely… | |||
| CVE-2008-4045 | 0.00 | — | 0.01 | Sep 11, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 allow remote attackers to inject arbitrary web script or HTML via the (1) file and (2) HelpFile parameters to parse.php, the (3) Folder and (4) start parameters to showmail.php, and the (5) abookview parameter to… | |||
| CVE-2007-0953 | 0.00 | — | 0.01 | Feb 15, 2007 | Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | |||
| CVE-2006-6700 | 0.00 | — | 0.01 | Dec 23, 2006 | Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
- risk 0.34cvss 5.3epss 0.00
A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application…
- CVE-1999-0404Feb 14, 1999risk 0.04cvss —epss 0.10
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
- CVE-2010-4930Oct 9, 2011risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.
- CVE-2000-0985Dec 19, 2000risk 0.03cvss —epss 0.05
Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command.
- CVE-2009-2455Jul 14, 2009risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely…
- CVE-2008-4045Sep 11, 2008risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in @Mail 5.42 allow remote attackers to inject arbitrary web script or HTML via the (1) file and (2) HelpFile parameters to parse.php, the (3) Folder and (4) start parameters to showmail.php, and the (5) abookview parameter to…
- CVE-2007-0953Feb 15, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
- CVE-2006-6700Dec 23, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.