Loneferret

**Name of the Vulnerable Software and Affected Versions** MailEnable Enterprise version 6.5 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parts of an SMTP e-mail message, including the `From`, `To`, or `Subject` header or the message `body`. **Recommendations** For MailEnable Enterprise version 6.5, consider restricting the use of the affected headers and message body in SMTP e-mail messages until a patch is available. As a temporary workaround, avoid using potentially malicious input in the `From`, `To`, `Subject` headers, or the message `body` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mini Mail Dashboard Widget plugin version 1.42 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the body of an email. This could potentially lead to unauthorized actions on the affected system. **Recommendations** For Mini Mail Dashboard Widget plugin version 1.42, update to a version that fixes this issue to prevent remote attackers from injecting malicious scripts.

**Name of the Vulnerable Software and Affected Versions** EmailArchitect Email Server versions 10.0 through 10.0.0.3 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the `From` or `Date` field in an email, potentially leading to cross-site scripting (XSS) attacks. **Recommendations** For EmailArchitect Email Server versions 10.0 through 10.0.0.3, update to a version that fixes the XSS vulnerabilities in the `From` and `Date` fields.

**Name of the Vulnerable Software and Affected Versions** WP SimpleMail plugin version 1.0.6 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the `To`, `From`, `Date`, or `Subject` field of an email, potentially leading to cross-site scripting (XSS) attacks. **Recommendations** For WP SimpleMail plugin version 1.0.6, consider updating to a newer version that addresses this issue, as using outdated versions may expose users to XSS attacks. If no update is available, restrict access to email composition fields to minimize the risk of exploitation. Avoid using the `To`, `From`, `Date`, or `Subject` fields in emails until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Postie plugin versions 1.4.3 through 1.5.15 **Description** The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML. This is achieved via the From field of an email. **Recommendations** For Postie plugin versions 1.4.3 through 1.5.15, update to a version later than 1.5.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Synametrics Technologies Xeams version 4.4 Build 5720 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the body of an email. This can lead to the execution of malicious scripts on the client-side. **Recommendations** For Synametrics Technologies Xeams version 4.4 Build 5720, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ThreeWP Email Reflector plugin versions prior to 1.16 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `Subject` of an email. This could potentially lead to malicious actions on the affected system. **Recommendations** For versions prior to 1.16, update to version 1.16 or later to resolve the issue. As a temporary workaround, consider restricting access to email subjects to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Axigen Mail Server version 8.0.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the body of an email. This could potentially lead to the execution of malicious scripts on the client-side. **Recommendations** For Axigen Mail Server version 8.0.1, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SmarterMail version 9.2 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an e-mail message body using various methods, including a JavaScript alert function with the fromCharCode method, a SCRIPT element, a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an arbitrary element, or an innerHTML attribute within an XML document. **Recommendations** For SmarterMail version 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mailtraq version 2.17.3.3150 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via various components of an e-mail message, including the subject, body, and Date header. This can be achieved through different methods, such as using a JavaScript alert function with the fromCharCode method, incorporating a SCRIPT element, or utilizing a crafted SRC attribute of an IFRAME element. Additionally, attackers can exploit this by using a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element or by leveraging a Cascading Style Sheets (CSS) expression property in the STYLE attribute of an element, such as an IMG element. **Recommendations** For Mailtraq version 2.17.3.3150, consider disabling the rendering of JavaScript and HTML elements within e-mail messages to minimize the risk of exploitation. Restrict access to potentially vulnerable components, such as the IFRAME element and META elements with HTTP-EQUIV="refresh", until a patch is available. Avoid using CSS expression properties in the STYLE attribute of elements within e-mail messages until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SurgeMail version 6.0a4 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message. **Recommendations** For version 6.0a4, consider disabling the handling of IFRAME elements in HTML e-mail messages until a patch is available. Restrict access to the email module to minimize the risk of exploitation. Avoid using the SRC attribute in the IFRAME element in the email body until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Alt-N MDaemon Free version 12.5.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an e-mail message body. This can be achieved through the Cascading Style Sheets (CSS) expression property in conjunction with a CSS comment within the STYLE attribute of an IMG element, the CSS expression property in conjunction with multiple CSS comments within the STYLE attribute of an arbitrary element, or an innerHTML attribute within an XML document. **Recommendations** For Alt-N MDaemon Free version 12.5.4, consider disabling the processing of CSS expressions and innerHTML attributes within e-mail messages to minimize the risk of exploitation. Restrict access to e-mail messages with potentially malicious content to prevent arbitrary web script or HTML injection.

**Name of the Vulnerable Software and Affected Versions** ManageEngine ServiceDesk Plus version 8.1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via various means, including an e-mail message body or subject, using techniques such as a `SCRIPT` element, crafted Cascading Style Sheets (CSS) expression properties, or specific attributes of elements like `IFRAME` or `META`. This can lead to cross-site scripting (XSS) attacks. **Recommendations** For ManageEngine ServiceDesk Plus version 8.1, consider disabling the processing of HTML and CSS elements in e-mail messages until a patch is available. Restrict access to the e-mail handling module to minimize the risk of exploitation. Avoid using the `STYLE` attribute of arbitrary elements and the `SRC` attribute of `IFRAME` elements in e-mail messages until the issue is resolved. As a temporary workaround, consider filtering out `SCRIPT` elements and crafted CSS expression properties from e-mail messages.

**Name of the Vulnerable Software and Affected Versions** AfterLogic MailSuite Pro version 6.3 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via an e-mail message body. Specifically, this can be achieved with a crafted SRC attribute of either an IFRAME element or a SCRIPT element. **Recommendations** For AfterLogic MailSuite Pro version 6.3, consider disabling the ability to include IFRAME and SCRIPT elements in e-mail message bodies as a temporary workaround until a patch is available. Restrict access to potentially vulnerable e-mail messages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ESCON SupportPortal Professional Edition version 3.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an e-mail message body using various methods, including a SCRIPT element, a crafted SRC attribute of an IFRAME element, a crafted CONTENT attribute of an HTTP-EQUIV="Set-Cookie" META element, or an innerHTML attribute within an XML document. **Recommendations** For ESCON SupportPortal Professional Edition version 3.0, consider disabling the handling of e-mail message bodies that contain SCRIPT elements, IFRAME elements with crafted SRC attributes, META elements with crafted CONTENT attributes, or XML documents with innerHTML attributes until a patch is available. Restrict access to the e-mail functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** T-dah WebMail versions 3.2.0 through 2.3 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via various means in an e-mail message body, including a `SCRIPT` element, a crafted Cascading Style Sheets (CSS) expression property, a CSS expression property in the `STYLE` attribute of an arbitrary element, an `ONLOAD` attribute of a `BODY` element, a crafted `SRC` attribute of an `IFRAME` element, a crafted `CONTENT` attribute of an `HTTP-EQUIV="refresh"` `META` element, or a `data:` URL in the `CONTENT` attribute of an `HTTP-EQUIV="refresh"` `META` element. **Recommendations** For T-dah WebMail versions 3.2.0 through 2.3, update to a version that fixes these cross-site scripting (XSS) vulnerabilities. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WinWebMail Server version 3.8.1.6 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an e-mail message body using various methods, including a SCRIPT element, crafted Cascading Style Sheets (CSS) expressions, or specific attributes in HTML elements. **Recommendations** For WinWebMail Server version 3.8.1.6, consider disabling the processing of e-mail message bodies containing SCRIPT elements, CSS expressions, or specific attributes until a patch is available. Restrict access to the e-mail functionality to minimize the risk of exploitation. Avoid using the STYLE attribute in arbitrary elements and restrict the use of IFRAME elements with crafted SRC attributes. Additionally, restrict the use of UTF-7 text in HTTP-EQUIV="CONTENT-TYPE" META elements.

**Name of the Vulnerable Software and Affected Versions** Simple Web Content Management System version 1.1 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter to several API endpoints, including "item delete.php", "item status.php", "item detail.php", "item modify.php", or "item position.php" in the "admin/" directory, or the `status` parameter to "admin/item status.php". **Recommendations** For Simple Web Content Management System version 1.1, consider restricting access to the vulnerable API endpoints, specifically "item delete.php", "item status.php", "item detail.php", "item modify.php", "item position.php", and "admin/item status.php", until a patch is available. Avoid using the `id` and `status` parameters in these endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Simple PHP Agenda version 2.2.8 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `priority` parameter in an "addTodo" action. **Recommendations** For Simple PHP Agenda version 2.2.8, consider restricting access to the `engine.php` file or the "addTodo" action to minimize the risk of exploitation. Avoid using the `priority` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** BarCodeWiz BarCode version 3.29 **Description** The issue is related to a buffer overflow in the BarCodeWiz BarCode 3.29 ActiveX control, specifically in the BarcodeWiz.dll file. This occurs when a long argument is passed to the `LoadProperties` method, allowing remote attackers to execute arbitrary code. **Recommendations** For BarCodeWiz BarCode version 3.29, consider disabling the `LoadProperties` method as a temporary workaround until a patch is available. Restrict access to the BarcodeWiz.dll file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.