N/A

Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in the (b) maillist servlet.

N/A

N/A

Neon WebMail for Java 多个SQL注入漏洞

Neon WebMail for Java中存在多个SQL注入漏洞，远程攻击者可以通过(a)addrlist servlet中的(1)adr_sortkey和(2) adr_sortkey_desc参数，以及(b) maillist servlet中的(3)sortkey和(4)sortkey_desc参数执行任意SQL命令。

N/A

N/A