RSS   Vulnerabilities for 'Open-xchange'   RSS

2006-06-01
 
CVE-2006-2738

CWE-Other
 

 
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed.

 
2006-01-05
 
CVE-2006-0091

 

 
Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inline HTML" enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline.

 

 >>> Vendor: Open-xchange 11 Products
Open-xchange
Open-xchange server
Open-xchange appsuite
Ox guard
Office web
Open-xchange appsuite frontend
Open-xchange appsuite backend
Documentconverter-api
App suite
Ox cloud
Ox app suite


Copyright 2024, cxsecurity.com

 

Back to Top