Vulnerabilities (CVE)

Filtered by vendor Kmail Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-7062 1 Kmail 1 Kmail 2024-11-21 7.8 HIGH N/A
calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter, which leaks the path in an error message.
CVE-2006-2104 1 Kmail 1 Kmail 2024-11-21 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) d parameter to main.php, ordner parameter to (2) main.php, or (3) webdisk.php, (4) draft parameter to compose.php, or (5) m, or (6) y parameter to calendar.php.
CVE-2005-0404 2 Kde, Kmail 2 Kde, Kmail 2024-11-20 5.0 MEDIUM N/A
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.