Page 2 of 11 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface. • http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://secunia.com/advisories/15100 http://www.securityfocus.com/bid/13326 https://exchange.xforce.ibmcloud.com/vulnerabilities/20225 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367. • http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://www.osvdb.org/15821 http://www.osvdb.org/15823 https://exchange.xforce.ibmcloud.com/vulnerabilities/20226 https://exchange.xforce.ibmcloud.com/vulnerabilities/20229 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 1

Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter. • http://marc.info/?l=bugtraq&m=110796956011699&w=2 http://www.security.org.sg/vuln/argosoftmail1873.html •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0085.html http://www.iss.net/security_center/static/10301.php http://www.securityfocus.com/bid/5906 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 3

Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. • https://www.exploit-db.com/exploits/21591 http://archives.neohapsis.com/archives/bugtraq/2002-07/0029.html http://www.argosoft.com/applications/mailserver/changelist.asp http://www.iss.net/security_center/static/9477.php http://www.securityfocus.com/bid/5144 •