10
CVE-2004-1129
- EPSS 1.93%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Youngzsoft ≫ Cmailserver Version5.2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.93% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://marc.info/?l=bugtraq&m=110137313329955&w=2
http://www.security.org.sg/vuln/cmailserver52.html
http://www.securityfocus.com/bid/11742
https://exchange.xforce.ibmcloud.com/vulnerabilities/18281