CVE-2004-1101

MailPost 5.1.1sv - Denial of Service and Cross-Site Scripting via Malformed HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1101. PoCs published by Procheckup.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in MailPost 5.1.1sv, where insufficient sanitization of user-supplied data allows arbitrary script execution via a malicious URL. The example demonstrates an XSS payload embedded in the URL path.

Description

mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that contains a / (backslash) and arbitrary webscript before the requested file, which leaks the pathname and does not quote the script in the resulting Visual Basic error message.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Procheckup · textwebappscgi

https://www.exploit-db.com/exploits/24722

View Code ZIP pw:eip

The provided text describes a cross-site scripting (XSS) vulnerability in MailPost 5.1.1sv, where insufficient sanitization of user-supplied data allows arbitrary script execution via a malicious URL. The example demonstrates an XSS payload embedded in the URL path.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: MailPost 5.1.1sv

No auth needed

Prerequisites: Access to the target application's URL

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources x_refsource_misc

http://www.procheckup.com/security_info/vuln_pr0411.html

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11598

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/596046

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17951

Scores

EPSS 0.0604

EPSS Percentile 92.4%

Details

Status published

Products (1)

tips/mailpost 5.1.1_sv

Published Jan 10, 2005

Tracked Since Feb 18, 2026