CVE-2005-3288

Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
References
Link Resource
http://securitytracker.com/id?1015063 Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-10-23 10:02

Updated : 2024-01-26 19:01


NVD link : CVE-2005-3288

Mitre link : CVE-2005-3288

CVE.ORG link : CVE-2005-3288


JSON object : View

Products Affected

rockliffe

  • mailsite_express
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type