Detections
Analytics

CVE-2005-1284

high

Description

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20228

http://www.securityfocus.com/bid/13323

http://www.osvdb.org/15822

http://marc.info/?l=bugtraq&m=111419001527077&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High