Hastymail Hastymail2
4 CVEs affecting Hastymail Hastymail2. Latest disclosed: 2011-11-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2011-4542 | | 2011-11-30 | Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the de… | |
CVE-2011-4541 | | 2011-11-29 | Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote attackers to inject arbitrary web script or HTML via the rs… | |
CVE-2010-4646 | | 2011-01-18 | Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a crafted background attr… | |
CVE-2009-5051 | | 2011-01-18 | Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cook… |