CVE-2004-1993 — HIGH severity vulnerability (The patch to the checklogin function in omail.pl for omail w)
The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.
| CVE ID | CVE-2004-1993 |
|---|---|
| Severity | HIGH |
| CVSS score | 10.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2004-05-04 |
| Last modified | 2026-04-16 |
| Description | The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →