CVE-2007-5235

uebimiau 2.7.2-2.7.10 - Cross-Site Scripting via f_email Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-5235. PoCs published by cp77fk4r, Ivan Sanches.

AI-analyzed exploit summary This is a writeup detailing multiple vulnerabilities in Uebimiau Webmail <= 2.7.2, including XSS, directory listing, and full path disclosure. No exploit code is provided, only URLs and descriptions.

Description

Cross-site scripting (XSS) vulnerability in index.php in Uebimiau 2.7.2 through 2.7.10 allows remote attackers to inject arbitrary web script or HTML via the f_email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (2)

exploitdb WRITEUP VERIFIED
by cp77fk4r · textwebappsphp
https://www.exploit-db.com/exploits/11906

This is a writeup detailing multiple vulnerabilities in Uebimiau Webmail <= 2.7.2, including XSS, directory listing, and full path disclosure. No exploit code is provided, only URLs and descriptions.

Classification
Writeup 90%
Attack Type
Xss | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Uebimiau Webmail <= 2.7.2
No auth needed
Prerequisites: access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Ivan Sanches · textwebappsphp
https://www.exploit-db.com/exploits/30633

The provided text describes a cross-site scripting (XSS) vulnerability in UebiMiau due to improper input sanitization. It includes a sample exploit URL demonstrating the vulnerability but lacks executable code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: UebiMiau (version not specified)
No auth needed
Prerequisites: Access to the vulnerable web application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25912
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/39898

Scores

EPSS 0.0121
EPSS Percentile 64.4%

Details

CWE
CWE-79
Status published
Products (3)
uebimiau/uebimiau 2.7.2
uebimiau/uebimiau 2.7.9
uebimiau/uebimiau 2.7.10
Published Oct 06, 2007
Tracked Since Feb 18, 2026