v-webmail 漏洞与 CVE 列表(8)

产品(CPE): — CVE 数: 8

v-webmail 漏洞概览

汇总 v-webmail 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

常见弱点模式包括 SQL 注入与路径处理缺陷,在 生产负载与软件部署 使用场景中可能带来 文件覆盖与数据泄露 等风险。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 188 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2008-3061 Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter. [email protected] 4.3 1.04% 2008-10-07 2026-06-16
CVE-2008-3063 SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter. [email protected] 7.5 1.05% 2008-10-07 2026-06-16
CVE-2008-3060 V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input in the login page (includes/local.hooks.php) and (2) an invalid session ID, which reveals the installation path in an error message. [email protected] 5.0 1.22% 2008-10-07 2026-06-16
CVE-2006-2666 PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. [email protected] 7.5 3.56% 2006-05-30 2026-06-16
CVE-2006-2665 PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. [email protected] 7.5 8.76% 2006-05-30 2026-06-16
CVE-2006-0794 help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. [email protected] 5.0 1.39% 2006-02-19 2026-06-16
CVE-2006-0793 frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. [email protected] 5.0 1.41% 2006-02-19 2026-06-16
CVE-2006-0792 Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the newid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. [email protected] 4.3 1.71% 2006-02-19 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence