VYPR
Unrated severityNVD Advisory· Published Oct 23, 2005· Updated Jun 16, 2026

CVE-2005-3287

CVE-2005-3287

Description

Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache directory.

Affected products

2
  • Rockliffe/Express2 versions
    cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.