CVE-2004-1129 in CMailServerinfo

Summary

SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/02/2004

Disclosure

01/10/2005

Moderation

VulDB entry created

Entries

1: VDB-23708

CPE

ready

CWE

CWE-89 (Confirmed)

CVSS

9.8

EPSS

0.00497

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1129
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1129
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1129/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!