CVE-2004-0588
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2004-0588
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Usermin HTML Email脚本代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Webmin是澳大利亚软件开发者Jamie Cameron和Webmin社区共同开发的一套基于Web的用于类Unix操作系统中的系统管理工具。Usermin则设计用于操作用户级别的任务,允许Unix系统中用户简单的进行接收邮件,执行SSH和邮件转发配置。 Usermin不正确过滤HTML EMAIL消息数据,远程攻击者可以利用这个漏洞窃取目标用户敏感信息。 攻击者可以发送包含恶意脚本代码的HTML EMAIL消息,当目标用户打开浏览时,可导致脚本代码在用户浏览器上执行,这可导致获得基于Cookie的敏感信
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2004-0588
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2004-0588
请登录查看更多情报信息。
Vendor Advisories for CVE-2004-0588 (2)
Mailing List Discussions for CVE-2004-0588 (1)
Other References for CVE-2004-0588 (2)
Same Patch Batch · n/a · 2004-06-23 · 17 CVEs total
| CVE-2004-0125 | FreeBSD jail()进程未授权路由表修改漏洞 | |
| CVE-2004-0135 | SGI IRIX SYSSGI()系统调用非特权用户内核内存访问漏洞 | |
| CVE-2004-0136 | SGI IRIX MapElf32Exec未明本地拒绝服务漏洞 | |
| CVE-2004-0137 | SGI IRIX Init未明本地拒绝服务漏洞 | |
| CVE-2004-0413 | Subversion SVN协议解析远程整数溢出漏洞 | |
| CVE-2004-0492 | Apache 安全漏洞 | |
| CVE-2004-0495 | Linux Kernel多个设备驱动漏洞 | |
| CVE-2004-0579 | 超级本地格式串漏洞Super本地格式字符串漏洞 | |
| CVE-2004-0580 | 多种Linksys设备DHCP信息泄露和拒绝服务漏洞 | |
| CVE-2004-0581 | KSymoops KSymoops-GZNM处理不安全的临时文件符号链接漏洞 | |
| CVE-2004-0582 | Webmin多个未明安全漏洞 | |
| CVE-2004-0583 | Webmin多个未明安全漏洞 | |
| CVE-2004-0584 | Horde IMP Email Header HTML注入漏洞 | |
| CVE-2004-0586 | acpRunner ActiveX 代码存在威胁 acpRunner ActiveX执行任意代码漏洞 | |
| CVE-2004-0587 | SuSE Linux Kernel HbaApiNode不安全文件权限本地拒绝服务漏洞 | |
| CVE-2004-0589 | Cisco IOS 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2004-0588
No comments yet