MidnightBSD

Advisories for ensim

CVE-2002-2344 MEDIUM

Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ensim webppliance 3.0
ensim webppliance 3.1
CVE-2005-3014 MEDIUM

Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ensim webppliance 3.0
ensim webppliance 3.1
ensim webppliance 3.1.1