Search Results (26 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1004 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.
CVE-2005-0520 1 Argosoft 1 Ftp Server 2026-04-16 N/A
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
CVE-2006-0978 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functionality in ArGoSoft Mail Server Pro 1.8.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the Subject header, (2) the From header, and (3) certain other unspecified headers.
CVE-2005-1283 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.
CVE-2017-15223 1 Argosoft 1 Mini Mail Server 2025-04-20 N/A
Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop.
CVE-2020-23824 1 Argosoft 1 Mail Server 2024-11-21 8.8 High
ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forgery (CSRF) for perform remote arbitrary code execution. The component is the Administration dashboard. When using admin/user credentials, if the admin/user admin opens a website with the malicious page that will run the CSRF.