Atmail Webmail Server – Email Body HTML Injection

Exploit Database
106 阅读

作者： Zhao Liang

日期： 2014-01-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/39015/

source: https://www.securityfocus.com/bid/64779/info

Atmail Webmail Server is prone to an HTML-injection vulnerability.

Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.

Atmail 7.1.3 is vulnerable; others versions may also be affected.

last Exploits
Atmail Webmail Server – Email Body HTML Injection的更多信息

JE CMS 1.0.0 – Authentication Bypass：
WordPress Plugin Ultimate Product Catalog 3.8.6 – Arbitrary File Upload：
diafan.cms 4.3 – Multiple Vulnerabilities：
Islam Sound IV2 – ‘details.php’ SQL Injection：
Joomla! Component SMEStorage – Local File Inclusion：
WordPress Plugin BackWPup 1.4 – Multiple Information Disclosure Vulnerabilities：
Xplico 0.5.7 – ‘add.ctp’ Cross-Site Scripting (2)：
DBSite wb CMS – ‘index.php’ Multiple Cross-Site Scripting Vulnerabilities：