Known Vulnerabilities for products from Atmail
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Atmail".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-31200 json | Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Sea... | 6.1 - MEDIUM | 2023-07-27 | 2023-11-07 |
| CVE-2022-30776 json | atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. | 6.1 - MEDIUM | 2022-05-16 | 2023-11-07 |
| CVE-2021-43574 json | ** UNSUPPORTED WHEN ASSIGNED ** WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format... | 6.1 - MEDIUM | 2021-11-15 | 2023-11-07 |
| CVE-2017-11617 json | Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web s... | 6.1 - MEDIUM | 2017-07-25 | 2017-07-28 |
| CVE-2017-9519 json | atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2017-9518 json | atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2017-9517 json | atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV. | 8.8 - HIGH | 2017-06-08 | 2017-06-13 |
| CVE-2013-6229 json | Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary... | 4.3 - MEDIUM | 2014-02-12 | 2018-10-09 |
| CVE-2013-6028 json | Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hija... | 6.8 - MEDIUM | 2014-01-12 | 2015-08-07 |
| CVE-2013-6017 json | Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web ... | 4.3 - MEDIUM | 2014-01-12 | 2016-12-31 |
| CVE-2013-5034 json | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5033 json | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5032 json | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-5031 json | Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vu... | 10 - HIGH | 2014-01-12 | 2014-01-13 |
| CVE-2013-2585 json | Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote att... | 4.3 - MEDIUM | 2014-02-12 | 2018-10-09 |
| CVE-2012-2593 json | Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers... | 6.1 - MEDIUM | 2020-02-06 | 2020-02-10 |
| CVE-2012-1920 json | @Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a... | 5 - MEDIUM | 2012-03-27 | 2017-12-13 |
| CVE-2012-1919 json | CRLF injection vulnerability in mime.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to... | 6.4 - MEDIUM | 2012-03-27 | 2012-08-29 |
| CVE-2012-1918 json | Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in At... | 5 - MEDIUM | 2012-03-27 | 2017-12-13 |
| CVE-2012-1917 json | compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (dot dot slash) sequences ... | 5 - MEDIUM | 2012-03-27 | 2012-08-29 |
Known software with vulnerabilities from Atmail
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Atmail | Atmail | 6.20.10 |