CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2005-1284
https://notcve.org/view.php?id=CVE-2005-1284
The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request. • http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://www.osvdb.org/15822 http://www.securityfocus.com/bid/13323 https://exchange.xforce.ibmcloud.com/vulnerabilities/20228 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1282
https://notcve.org/view.php?id=CVE-2005-1282
Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface. • http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://secunia.com/advisories/15100 http://www.securityfocus.com/bid/13326 https://exchange.xforce.ibmcloud.com/vulnerabilities/20225 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1283
https://notcve.org/view.php?id=CVE-2005-1283
Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367. • http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://www.osvdb.org/15821 http://www.osvdb.org/15823 https://exchange.xforce.ibmcloud.com/vulnerabilities/20226 https://exchange.xforce.ibmcloud.com/vulnerabilities/20229 •