GCVE - cpe:2.3:a:atmail:atmail:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:atmail:atmail:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Atmail (`f3faa2b7-dbb1-5d22-a5dd-fec1b3085bc2`)
Product	Atmail (`102683df-c243-5f9b-8443-074d117d08ae`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-9519`	vulnerable	2026-06-08 05:10:10.085011	Details available atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account. Published: 2017-06-08T14:00:00.000Z Updated: 2024-09-16T18:54:13.926Z Open on db.gcve.eu Reference links https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9518`	vulnerable	2026-06-08 05:10:10.084704	Details available atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails. Published: 2017-06-08T14:00:00.000Z Updated: 2024-09-17T04:04:07.368Z Open on db.gcve.eu Reference links https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9517`	vulnerable	2026-06-08 05:10:10.084319	Details available atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV. Published: 2017-06-08T14:00:00.000Z Updated: 2024-09-16T16:12:35.121Z Open on db.gcve.eu Reference links https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-11617`	vulnerable	2026-06-08 05:08:38.202900	Details available Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both single quotes and double quotes. Published: 2017-07-25T17:00:00.000Z Updated: 2024-09-16T21:57:18.865Z Open on db.gcve.eu Reference links https://www.bishopfox.com/blog/2017/06/how-i-built-an-xss-worm-on-atmail/ https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6028`	vulnerable	2026-06-08 05:04:55.193697	Details available Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts, (2) modify user accounts, (3) delete user accounts, or (4) stop the product's service. Published: 2014-01-12T15:00:00.000Z Updated: 2024-08-06T17:29:42.886Z Open on db.gcve.eu Reference links http://osvdb.org/101936 http://www.kb.cert.org/vuls/id/204950 http://atmail.com/changelog/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6017`	vulnerable	2026-06-08 05:04:55.149657	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5034`	vulnerable	2026-06-08 05:04:50.671466	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5033`	vulnerable	2026-06-08 05:04:50.670514	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5032`	vulnerable	2026-06-08 05:04:50.669439	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5031`	vulnerable	2026-06-08 05:04:50.656577	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.