cbcvebase.
CVE-2006-4951
published 2006-09-23

CVE-2006-4951: Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which…

PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.54%
83.0th percentile
Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename.

Affected

2 ranges
VendorProductVersion rangeFixed in
neosysneon_webmail
neosysneon_webmail
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.