EUVD-2004-1127

Malware in sbrugna...

CVE-2004-1129

SQL injection vulnerability in 1 fdelmail.asp, 2 addressc.asp, and possibly 3 postmail.asp and 4 fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter...

CVE-2004-1130

Cross-site scripting XSS vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as 1 username, 2 name, or 3 comments...

CVE-2004-1128

CVE-2004-1128 is a buffer overflow in CMailCOM.dll of YoungZSoft CMailServer 5.2 that allows remote code execution via an attachment with a long filename. The connected data confirms the vulnerable component and impact (remote arbitrary code execution) but does not provide specific exploit detail...

CVE-2004-1129

CVE-2004-1129 affects YoungZSoft CMailServer 5.2. A remote SQL injection is possible in the components fdelmail.asp, addressc.asp, and possibly postmail.asp and fmvmail.asp via the indexOfMail parameter, allowing an attacker to inject arbitrary SQL commands and compromise mail metadata and contac...

CVE-2004-1129

SQL injection vulnerability in 1 fdelmail.asp, 2 addressc.asp, and possibly 3 postmail.asp and 4 fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter...