CVE-2002-1526

EMU Webmail 5.0 - Cross-Site Scripting via Email Address Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1526. PoCs published by FVS.

AI-analyzed exploit summary This is a writeup describing a cross-site scripting (XSS) vulnerability in EmuMail. The vulnerability allows an attacker to inject malicious script code into the email address field, which executes in the context of the EmuMail site.

Description

Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field.

Exploits (1)

exploitdb WRITEUP VERIFIED
by FVS · textwebappscgi
https://www.exploit-db.com/exploits/21878

This is a writeup describing a cross-site scripting (XSS) vulnerability in EmuMail. The vulnerability allows an attacker to inject malicious script code into the email address field, which executes in the context of the EmuMail site.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Emumail (version not specified)
No auth needed
Prerequisites: Access to the EmuMail web interface
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10205.php
Exploit, Patch, Vendor Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0131.html
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5824

Scores

EPSS 0.0392
EPSS Percentile 89.0%

Details

Status published
Products (1)
emumail/emu_webmail 5.0
Published Apr 02, 2003
Tracked Since Feb 18, 2026