Mailenable Professional
Approved changes feed: RSS · Atom
cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*
part: a version: 1.73 update: *
| Vendor | Mailenable (ac781917-bc09-5845-a37c-c45d67bfa524) |
|---|---|
| Product | Mailenable Professional (bdb29d49-6385-5ec9-ae52-712a313e23f1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2007-0652 |
vulnerable | 2026-06-08 04:49:32.986963 |
Details available
Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
Published: 2007-02-15T23:00:00.000Z
Updated: 2024-08-07T12:26:54.322Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0651 |
vulnerable | 2026-06-08 04:49:32.975196 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
Published: 2007-02-15T23:00:00.000Z
Updated: 2024-08-07T12:26:54.317Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-6964 |
vulnerable | 2026-06-08 04:49:30.069629 |
Details available
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Published: 2007-01-29T16:00:00.000Z
Updated: 2024-08-07T20:50:04.616Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-6484 |
vulnerable | 2026-06-08 04:49:28.950363 |
Details available
The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information.
Published: 2006-12-12T20:00:00.000Z
Updated: 2024-08-07T20:26:46.583Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-3277 |
vulnerable | 2026-06-08 04:49:08.815491 |
Details available
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
Published: 2006-06-28T22:00:00.000Z
Updated: 2024-08-07T18:23:20.680Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-1792 |
vulnerable | 2026-06-08 04:48:58.041534 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.