CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1129

SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=110137313329955&w=2
http://www.security.org.sg/vuln/cmailserver52.html
http://www.securityfocus.com/bid/11742
https://exchange.xforce.ibmcloud.com/vulnerabilities/18281
http://marc.info/?l=bugtraq&m=110137313329955&w=2
http://www.security.org.sg/vuln/cmailserver52.html
http://www.securityfocus.com/bid/11742
https://exchange.xforce.ibmcloud.com/vulnerabilities/18281

Products affected by CVE-2004-1129

Youngzsoft » Cmailserver » Version: 5.2.0

cpe:2.3:a:youngzsoft:cmailserver:5.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1129

Products

Pricing

Contact Us