CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4952

The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary users between different mail folders, specified by the folderid and tofolderid parameters, via the ID parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.097

EPSS Ranking 92.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/22029
http://vuln.sg/neonmail506-en.html
http://www.securityfocus.com/bid/20109
http://www.securityfocus.com/bid/84202
https://exchange.xforce.ibmcloud.com/vulnerabilities/29087
http://secunia.com/advisories/22029
http://vuln.sg/neonmail506-en.html
http://www.securityfocus.com/bid/20109
http://www.securityfocus.com/bid/84202
https://exchange.xforce.ibmcloud.com/vulnerabilities/29087

Products affected by CVE-2006-4952

Neosys » Neon Webmail » Version: 5.06

cpe:2.3:a:neosys:neon_webmail:5.06
Neosys » Neon Webmail » Version: 5.07

cpe:2.3:a:neosys:neon_webmail:5.07

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4952

Products

Pricing

Contact Us