CVE-2006-5313
- EPSS 1.02%
- Veröffentlicht 17.10.2006 17:07:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configur...
CVE-2006-5262
- EPSS 5.35%
- Veröffentlicht 12.10.2006 22:07:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if th...
CVE-2004-2704
- EPSS 25.15%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim c...