GCVE - cpe:2.3:a:atmail:atmail_webmail:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:atmail:atmail_webmail:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Atmail (`f3faa2b7-dbb1-5d22-a5dd-fec1b3085bc2`)
Product	Atmail Webmail (`848d10db-3ad1-5cdd-8bbb-ec127e62ed8e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/bigbluehat/atmailopen`	purl2cpe	2026-06-01 10:13:20.561089

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-2825`	vulnerable	2026-06-08 04:49:46.219711	Details available Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in @Mail 5.02 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) links and (2) images. Published: 2007-05-22T21:00:00.000Z Updated: 2024-08-07T13:49:57.603Z Open on db.gcve.eu Reference links http://terra.calacode.com/mail/docs/changelog.html https://exchange.xforce.ibmcloud.com/vulnerabilities/34376 http://www.securityfocus.com/bid/24260 http://secunia.com/advisories/25506 http://osvdb.org/36826	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2153`	vulnerable	2026-06-08 04:49:44.228107	Details available Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter. Published: 2007-04-19T10:00:00.000Z Updated: 2024-08-07T13:23:50.878Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/465378/100/100/threaded http://securityreason.com/securityalert/2594 http://www.securityfocus.com/bid/23428 https://exchange.xforce.ibmcloud.com/vulnerabilities/33591 http://www.majorsecurity.de/index_2.php?major_rls=major_rls43	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-6702`	vulnerable	2026-06-08 04:49:29.519401	Details available Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before 4.61 allows remote attackers to inject arbitrary web script or HTML via crafted e-mail messages. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Published: 2006-12-23T01:00:00.000Z Updated: 2024-08-07T20:33:59.986Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/5127 http://support.atmail.com/changelog.html http://kb.atmail.com/view_article.php?num=669	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.