Alt-N: >> Webadmin >> 3.0.2 Security Vulnerabilities
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account.
CVSS Score
4.6
EPSS Score
0.012
Published
2006-09-07
Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-01-28
useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-01-28