Dbmail

dbmail

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Dbmail

dbmail

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-6714 1Dbmail 1Dbmail Apr 23, 2026 Apr 17, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to i...Show more DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication.Show less
CVE-2003-1523 1Dbmail 1Dbmail Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2007-6714

1Dbmail

Apr 23, 2026

Apr 17, 2008

N/A· v4

N/A· v3

6.8 MEDIUM· v2

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to i...Show more

CVE-2003-1523

1Dbmail

Apr 16, 2026

Dec 31, 2003

N/A· v4

N/A· v3

7.5 HIGH· v2

SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors.