Known Vulnerabilities for products from Atmail
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Atmail".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43574 | ** UNSUPPORTED WHEN ASSIGNED ** WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format... | 6.1 - MEDIUM | 2021-11-15 | 2023-11-07 |
| CVE-2017-11617 | Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web s... | 6.1 - MEDIUM | 2017-07-25 | 2017-07-28 |
| CVE-2017-9519 | atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2017-9518 | atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2017-9517 | atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2013-6229 | Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary... | 4.3 - MEDIUM | 2014-02-12 | 2018-10-09 |
| CVE-2013-6028 | Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hija... | 6.8 - MEDIUM | 2014-01-12 | 2015-08-07 |
| CVE-2013-6017 | Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web ... | 4.3 - MEDIUM | 2014-01-12 | 2016-12-31 |
| CVE-2013-5034 | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5033 | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5032 | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5031 | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-2585 | Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote att... | 4.3 - MEDIUM | 2014-02-12 | 2018-10-09 |
| CVE-2012-2593 | Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers... | 6.1 - MEDIUM | 2020-02-06 | 2020-02-10 |
| CVE-2012-1920 | @Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a... | 5 - MEDIUM | 2012-03-27 | 2017-12-13 |
| CVE-2012-1919 | CRLF injection vulnerability in mime.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to... | 6.4 - MEDIUM | 2012-03-27 | 2012-08-29 |
| CVE-2012-1918 | Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in At... | 5 - MEDIUM | 2012-03-27 | 2017-12-13 |
| CVE-2012-1917 | compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (dot dot slash) sequences ... | 5 - MEDIUM | 2012-03-27 | 2012-08-29 |
| CVE-2012-1916 | @Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attach... | 7.5 - HIGH | 2012-03-27 | 2012-08-29 |
| CVE-2011-4540 | Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote attacke... | 4.3 - MEDIUM | 2011-12-01 | 2018-01-06 |
Known software with vulnerabilities from Atmail
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Atmail | Atmail | 6.3.0 |