CVE-2010-1520
published 2010-06-30CVE-2010-1520: Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.86%
76.6th percentile
Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| taskfreak | taskfreak_! | <= 0.6.3 | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
| taskfreak | taskfreak_! | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
exploitdb·2010-09-20
CVE-2004-1520 IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
---
##
# $Id: imail_delete.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'IMail IMAP4D Delete Overflow',
'Description' => %q{
This module exploits a buffer overflow in the 'DELETE'
command of the the IMail IMAP4D service. This vulnerability
can only be exploited with a valid username and password.
This flaw was patched in version 8.14.
},
'Author' => [ 'spoonm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 10394 $',
'References' =>
[
[ 'CVE',
Exploit-DB
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)
exploitdb·2005-08-12
CVE-2004-1520 MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)
---
##
# $Id: mdaemon_cram_md5.rb 9583 2010-06-22 19:11:05Z todb $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow',
'Description' => %q{
This module exploits a buffer overflow in the CRAM-MD5
authentication of the MDaemon IMAP service. This
vulnerability was discovered by Muts.
},
'Author' => [ 'anonymous' ],
'License' => BSD_LICENSE,
'Version' => '$Revision: 9583 $',
'References' =>
[
[ 'CVE', '2004-1520'],
[ 'OSVDB', '
No writeups or analysis indexed.
http://osvdb.org/65846http://secunia.com/advisories/40025http://secunia.com/secunia_research/2010-78/http://www.securityfocus.com/archive/1/512078/100/0/threadedhttp://www.securityfocus.com/bid/41221http://www.taskfreak.com/original/versionshttp://osvdb.org/65846http://secunia.com/advisories/40025http://secunia.com/secunia_research/2010-78/http://www.securityfocus.com/archive/1/512078/100/0/threadedhttp://www.securityfocus.com/bid/41221http://www.taskfreak.com/original/versions
2010-06-30
Published