ByteOS Network

kmail

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2006-7062

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.8||HIGH

EPSS-0.33% / 55.41%

7 Day CHG~0.00%

Published-24 Feb, 2007 | 01:00

Updated-07 Aug, 2024 | 20:50

calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter, which leaks the path in an error message.

Vendor-kmail n/a

Product-kmail n/a

CVE-2006-2104

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-6.8||MEDIUM

EPSS-2.03% / 83.05%

7 Day CHG~0.00%

Published-29 Apr, 2006 | 10:00

Updated-03 Apr, 2025 | 01:03

Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) d parameter to main.php, ordner parameter to (2) main.php, or (3) webdisk.php, (4) draft parameter to compose.php, or (5) m, or (6) y parameter to calendar.php.

Vendor-kmail n/a

Product-kmail n/a

CVE-2005-0404

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-5||MEDIUM

EPSS-4.47% / 88.65%

7 Day CHG~0.00%

Published-13 Apr, 2005 | 04:00

Updated-03 Apr, 2025 | 01:03

KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.

Vendor-kmail n/a KDE

Product-kmail kde n/a