Lucene search
K
YoungzsoftCmailserver

7 matches found

CVE
CVE
added 2004/12/05 5:0 a.m.51 views

CVE-2004-1130

CVE-2004-1130 describes a Cross-site scripting (XSS) flaw in admin.asp of CMailServer 5.2 that allows remote attackers to execute arbitrary web script or HTML by supplying input to personal information fields (username, name, comments). The vulnerability is documented across NVD/CVE records with ...

6.8CVSS6AI score0.01306EPSS
CVE
CVE
added 2007/04/12 10:0 a.m.49 views

CVE-2007-1991

CVE-2007-1991 is an XSS vulnerability affecting CmailServer WebMail 5.4.3 (and possibly earlier) in the mail/signup.asp path. The issue allows remote attackers to inject arbitrary web script or HTML via the Comment parameter (a vector distinct from CVE-2007-1927). Public references confirm the sa...

4.3CVSS5.7AI score0.01022EPSS
Web
CVE
CVE
added 2004/12/05 5:0 a.m.48 views

CVE-2004-1129

CVE-2004-1129 affects YoungZSoft CMailServer 5.2. A remote SQL injection is possible in the components fdelmail.asp, addressc.asp, and possibly postmail.asp and fmvmail.asp via the indexOfMail parameter, allowing an attacker to inject arbitrary SQL commands and compromise mail metadata and contac...

10CVSS8AI score0.01933EPSS
CVE
CVE
added 2009/08/10 6:0 p.m.47 views

CVE-2008-6922

CVE-2008-6922 describes multiple stack-based buffer overflows in CMailServer 5.4.6: CMailCOM.dll and related ActiveX controls (CMailCom.POP3 and CMailCOM.SMTP) fail to handle long arguments in a list of methods (CreateUserPath, Logout, DeleteMailByUID, MoveToInbox, MoveToFolder, DeleteMailEx, Get...

9.3CVSS8AI score0.09313EPSS
CVE
CVE
added 2007/04/10 11:0 p.m.44 views

CVE-2007-1927

The provided documents confirm a concrete XSS vulnerability: CVE-2007-1927 affects CmailServer WebMail 5.3.4 and earlier, where arbitrary web script/HTML can be injected via the POP3Mail parameter in signup.asp. Connected records also reference CVE-2007-1991 (a related XSS in mail/signup.asp via ...

4.3CVSS5.7AI score0.01217EPSS
CVE
CVE
added 2002/07/26 4:0 a.m.36 views

CVE-2002-0799

Technical details for CVE-2002-0799 are not publicly available in the provided connected documents; monitor for updates.

7.5CVSS7.9AI score0.14317EPSS
CVE
CVE
added 2003/05/14 4:0 a.m.36 views

CVE-2003-0280

CVE-2003-0280 : Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (MAIL FROM) or (RCPT TO) commands. The connected documents confirm the affected product/version and the remote-code-execution impact, with C...

10CVSS8.3AI score0.14749EPSS