MidnightBSD

Advisories for hivemail

CVE-2006-0757 HIGH

Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execute arbitrary PHP code via (1) the contactgroupid parameter in addressbook.update.php, (2) the messageid parameter in addressbook.add.php, (3) the folderid parameter in folders.update.php, and possibly certain parameters in (4) calendar.event.php, (5) index.php, (6) pop.download.php, (7) read.bounce.php, (8) rules.block.php, (9) language.php, and (10) certain other scripts, as demonstrated by an addressbook.update.php request with a contactgroupid value of phpinfo() preceded by facilitators.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail 1.1.1
hivemail hivemail 1.3_rc1
hivemail hivemail 1.1
hivemail hivemail 1.2.1_beta1
hivemail hivemail 1.2.1_rc
hivemail hivemail 1.2.2
hivemail hivemail 1.2_sp1
hivemail hivemail 1.3
hivemail hivemail 1.3_beta1
hivemail hivemail 1.2
CVE-2006-0758 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via a URL encoded expression in the query string in (1) index.php and (2) possibly certain other scripts, which is not properly cleansed when accessed from the $_SERVER['PHP_SELF'] variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail 1.1.1
hivemail hivemail 1.3_rc1
hivemail hivemail 1.1
hivemail hivemail 1.2.1_beta1
hivemail hivemail 1.2.1_rc
hivemail hivemail 1.2.2
hivemail hivemail 1.2_sp1
hivemail hivemail 1.3
hivemail hivemail 1.3_beta1
hivemail hivemail 1.2
CVE-2006-0759 HIGH

Multiple SQL injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the contactgroupid parameter in addressbook.update.php, (2) the messageid parameter in addressbook.add.php, (3) the folderid parameter in folders.update.php, and possibly certain parameters in (4) calendar.event.php, (5) index.php, (6) pop.download.php, (7) read.bounce.php, (8) rules.block.php, (9) language.php, and (10) certain other scripts; and allow remote authenticated users to execute arbitrary SQL commands via (11) the folderid parameter in index.php and (12) possibly other parameters in certain other scripts, because $_SERVER['PHP_SELF'] is improperly handled.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail 1.1.1
hivemail hivemail 1.3_rc1
hivemail hivemail 1.1
hivemail hivemail 1.2.1_beta1
hivemail hivemail 1.2.1_rc
hivemail hivemail 1.2.2
hivemail hivemail 1.2_sp1
hivemail hivemail 1.3
hivemail hivemail 1.3_beta1
hivemail hivemail 1.2
CVE-2006-3564 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the email, (2) cond, or (3) name parameters to (a) addressbook.view.php, (4) the daysprune parameter to (b) index.php, (5) the data[to] parameter to (c) compose.email.php, and (6) the markas parameter to (d) read.markas.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail 1.3
hivemail hivemail 1.2
CVE-2006-3565 HIGH

SQL injection vulnerability in search.results.php in HiveMail 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the fields[] parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail *
CVE-2006-3566 MEDIUM

search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hivemail hivemail 1.1.1
hivemail hivemail 1.3_rc1
hivemail hivemail 1.1
hivemail hivemail 1.2.1_beta1
hivemail hivemail *
hivemail hivemail 1.2.1_rc
hivemail hivemail 1.2.2
hivemail hivemail 1.2_sp1
hivemail hivemail 1.3
hivemail hivemail 1.3_beta1
hivemail hivemail 1.2