Every CVE whose affected-product data names Hastymail Hastymail2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2011-4542 — CVSS 7.5 (high): Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox…
CVE-2009-5051 — CVSS 5.0 (medium): Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers…
CVE-2010-4646 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a…
CVE-2011-4541 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote attackers to inject arbitrary web script…