Vulnerabilities > Youngzsoft > Cmailserver > 5.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-1130 | Remote vulnerability in Youngzsoft Cmailserver 5.2.0 Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments. network youngzsoft | 6.8 |
2005-01-10 | CVE-2004-1129 | Remote vulnerability in Youngzsoft Cmailserver 5.2.0 SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter. | 10.0 |
2005-01-10 | CVE-2004-1128 | Remote vulnerability in Youngzsoft CMailServer Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename. | 10.0 |