Filtered by vendor Alt-n
Subscriptions
Filtered by product Mdaemon
Subscriptions
Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4209 | 1 Alt-n | 2 Mdaemon, Worldclient | 2026-04-16 | N/A |
| WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2005-4266 | 1 Alt-n | 2 Mdaemon, Worldclient | 2026-04-16 | N/A |
| WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value. | ||||
| CVE-2004-2504 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. | ||||
| CVE-2001-0064 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. | ||||
| CVE-2001-0583 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001. | ||||
| CVE-2000-0716 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email. | ||||
| CVE-2003-1200 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. | ||||
| CVE-2003-1471 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | ||||