Activewebsoftwares Active Web Mail vulnerabilities
2 known vulnerabilities affecting activewebsoftwares/active_web_mail.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2008-5973P3HIGHCVSS 7.5PoCv4.02009-01-27
CVE-2008-5973 [HIGH] CWE-89 CVE-2008-5973: SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute
SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
nvd
CVE-2008-6873P3HIGHCVSS 7.5PoCv4.02009-07-23
CVE-2008-6873 [HIGH] CWE-89 CVE-2008-6873: SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
nvd