Open Xchange
Approved changes feed: RSS · Atom
cpe:2.3:a:open-xchange:open-xchange:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Open Xchange (85b486f1-55be-55d2-8b83-a25950d10c23) |
|---|---|
| Product | Open Xchange (95403734-cab1-5f1e-aaec-98c2ad3ed4bc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-2738 |
vulnerable | 2026-06-03 14:27:33.048206 |
Details available
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed.
Published: 2006-06-01T10:00:00.000Z
Updated: 2024-08-07T17:58:51.999Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-0091 |
vulnerable | 2026-06-03 14:27:15.173713 |
Details available
Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inline HTML" enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline.
Published: 2006-01-05T11:00:00.000Z
Updated: 2024-08-07T16:18:20.860Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.