Youngzsoft: >> Cmailserver >> 5.2.0 Security Vulnerabilities
Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVSS Score
10.0
EPSS Score
0.056
Published
2005-01-10
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
CVSS Score
10.0
EPSS Score
0.005
Published
2005-01-10
Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments.
CVSS Score
6.8
EPSS Score
0.01
Published
2005-01-10