VYPR

Mailpost

by Tips

CVEs (4)

  • CVE-2004-1102Jan 10, 2005
    risk 0.04cvss epss 0.09

    MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information.

  • CVE-2004-1101Jan 10, 2005
    risk 0.03cvss epss 0.06

    mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that…

  • CVE-2004-1100Jan 10, 2005
    risk 0.03cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.

  • CVE-2004-1103Jan 10, 2005
    risk 0.00cvss epss 0.03

    MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to gain sensitive information via the debug parameter, which reveals information such as the path to the web root and the web server version.