Activewebsoftwares: >> Active Web Mail >> 4.0 Security Vulnerabilities
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-07-23
SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-01-27