← CVECheck
HomeVulnerabilities

CVE-2004-1993 — HIGH severity vulnerability (The patch to the checklogin function in omail.pl for omail w)

The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.

CVE IDCVE-2004-1993
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2004-05-04
Last modified2026-04-16
DescriptionThe patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →