Mailmarshal » Mailmarshal Smtp : Security Vulnerabilities, CVEs, CVSS score >= 2
The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables.
Max CVSS
7.6
EPSS Score
1.58%
Published
2007-07-17
Updated
2008-09-05
1 vulnerabilities found