IMP : Security Vulnerabilities, CVEs, CVSS score >= 4
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.
Max CVSS
7.5
EPSS Score
8.28%
Published
2001-12-06
Updated
2017-10-10
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.
Max CVSS
5.0
EPSS Score
0.04%
Published
2000-04-22
Updated
2016-10-18
2 vulnerabilities found