Description
SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote attackers to execute arbitrary SQL statements via the schedule parameter.
Exploits (1)
References (7)
Core 7
Core References
Exploit, Patch, Vendor Advisory x_refsource_misc
http://packetstormsecurity.nl/0408-exploits/merak527.txt
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10966
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1010969
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109279057326044&w=2
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_osvdb
http://www.osvdb.org/9044
Exploit, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12269
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17022
Scores
EPSS
0.0138
EPSS Percentile
80.4%
Details
Status
published
Products (1)
merak/mail_server
7.5.2
Published
Aug 17, 2004
Tracked Since
Feb 18, 2026