Shodan
Vulnerabilities
Vulnerable Software
Open Webmail:  >> Open Webmail  >> 2.00  Security Vulnerabilities
CVE-2006-2190
Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMail (OWM) 2.51 and earlier allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter in (1) openwebmail-send.pl, (2) openwebmail-advsearch.pl, (3) openwebmail-folder.pl, (4) openwebmail-prefs.pl, (5) openwebmail-abook.pl, (6) openwebmail-read.pl, (7) openwebmail-cal.pl, and (8) openwebmail-webdisk.pl. NOTE: the openwebmail-main.pl vector is already covered by CVE-2005-2863.
CVSS Score
6.8
EPSS Score
0.016
Published
2006-05-04
CVE-2005-0445
Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.
CVSS Score
4.3
EPSS Score
0.005
Published
2005-05-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved