CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1284

HIGH
7.5
CVSS Severity Score
EPSS Score0.0940%
EPSS Percentile38.11th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request.

Affected Platforms (CPE)

πŸ“¦
Argosoft

Argosoft Mail Server

= 1.8.7.6

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=111419001527077&w=2
πŸ”— http://www.osvdb.org/15822
πŸ”— http://www.securityfocus.com/bid/13323
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20228
πŸ”— http://marc.info/?l=bugtraq&m=111419001527077&w=2
πŸ”— http://www.osvdb.org/15822
πŸ”— http://www.securityfocus.com/bid/13323
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20228

Related Vulnerabilities

CVE-2005-12837.5

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbi...

CVE-2017-152235.3

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (m...

CVE-2002-10045.0

Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attacke...

CVE-2002-10055.0

ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the em...