CVE-2005-3692 in Winmail Serverinfo

Summary

Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) retid parameter in badlogin.php, (2) Content-Type headers in HTML mails, and (3) HTML mail attachments.

Reservation

11/19/2005

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
83173	Winmail Server Mail Attachment cross site scripting	80	Proof-of-Concept	Not defined	CVE-2005-3692
83172	Winmail Server HTML Mail HTML injection	80	Proof-of-Concept	Not defined	CVE-2005-3692
26980	Amax Information Technologies Magic Winmail Server badlogin.php cross site scripting	80	Proof-of-Concept	Not defined	CVE-2005-3692

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!