GCVE - cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:*

part: a version: 6.5.0 update: *

Vendor	Atmail (`f3faa2b7-dbb1-5d22-a5dd-fec1b3085bc2`)
Product	Atmail (`102683df-c243-5f9b-8443-074d117d08ae`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-30776`	vulnerable	2026-06-08 05:43:39.715283	Details available atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. Published: 2022-05-16T13:35:42.000Z Updated: 2024-08-03T06:56:14.017Z Open on db.gcve.eu Reference links https://help.atmail.com/hc/en-us/sections/115003283988 https://medium.com/%40bhattronit96/cve-2022-30776-cd34f977c2b9	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-43574`	vulnerable	2026-06-08 05:36:43.577827	Details available WebAdmin Control Panel in Atmail 6.5.0 (a version released in 2012) allows XSS via the format parameter to the default URI. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Published: 2021-11-15T14:18:31.000Z Updated: 2024-08-04T04:03:08.511Z Open on db.gcve.eu Reference links https://help.atmail.com/hc/en-us/sections/115003283988 https://medium.com/%40bhattronit96/cve-2021-43574-696041dcab9e	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6028`	vulnerable	2026-06-08 05:04:55.193895	Details available Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts, (2) modify user accounts, (3) delete user accounts, or (4) stop the product's service. Published: 2014-01-12T15:00:00.000Z Updated: 2024-08-06T17:29:42.886Z Open on db.gcve.eu Reference links http://osvdb.org/101936 http://www.kb.cert.org/vuls/id/204950 http://atmail.com/changelog/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6017`	vulnerable	2026-06-08 05:04:55.149865	Details available Cross-site scripting (XSS) vulnerability in Atmail Webmail Server before 7.2 allows remote attackers to inject arbitrary web script or HTML via the body of an e-mail message, as demonstrated by the SRC attribute of an IFRAME element. Published: 2014-01-12T15:00:00.000Z Updated: 2024-08-06T17:29:42.638Z Open on db.gcve.eu Reference links http://osvdb.org/101937 http://www.securityfocus.com/bid/64779 http://www.kb.cert.org/vuls/id/204950 http://atmail.com/changelog/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5034`	vulnerable	2026-06-08 05:04:50.671652	Details available Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5031, CVE-2013-5032, and CVE-2013-5033. Published: 2014-01-12T15:00:00.000Z Updated: 2024-08-06T16:59:41.271Z Open on db.gcve.eu Reference links http://blog.atmail.com/2013/atmail-7-1-2-security-hotfix/ http://atmail.com/changelog/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5033`	vulnerable	2026-06-08 05:04:50.670713	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5032`	vulnerable	2026-06-08 05:04:50.669641	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-5031`	vulnerable	2026-06-08 05:04:50.662173	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.