CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-1129

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0910%
EPSS Percentile7.75th
Published2005年1月10日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.

Affected Platforms (CPE)

📦
Youngzsoft

Cmailserver

= 5.2.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=110137313329955&w=2
🔗 http://www.security.org.sg/vuln/cmailserver52.html
🔗 http://www.securityfocus.com/bid/11742
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18281
🔗 http://marc.info/?l=bugtraq&m=110137313329955&w=2
🔗 http://www.security.org.sg/vuln/cmailserver52.html
🔗 http://www.securityfocus.com/bid/11742
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18281

相关漏洞威胁

CVE-2003-028010.0

Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary cod...

CVE-2004-112810.0

Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long...

CVE-2008-69229.3

Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a ...

CVE-2002-07997.5

Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.