Dbmail : Security Vulnerabilities, CVEs,

CVE-2007-6714

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication.
Max CVSS
6.8
EPSS Score
2.14%
Published
2008-04-17
Updated
2017-08-08

CVE-2003-1523

SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors.
Max CVSS
7.5
EPSS Score
0.16%
Published
2003-12-31
Updated
2017-07-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close