Youngzsoft Cmailserver — known CVE vulnerabilities
Every CVE whose affected-product data names Youngzsoft Cmailserver, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2003-0280 — CVSS 10.0 (critical): Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via…
CVE-2004-1129 — CVSS 10.0 (critical): SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2…
CVE-2008-6922 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long…
CVE-2002-0799 — CVSS 7.5 (high): Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
CVE-2004-1130 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML…
CVE-2007-1991 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to…
CVE-2007-1927 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary…