Description
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
References (1)
Core 1
Core References
Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015063
Scores
EPSS
0.0056
EPSS Percentile
68.4%
Details
CWE
CWE-434
Status
published
Products (1)
rockliffe/mailsite_express
Published
Oct 23, 2005
Tracked Since
Feb 18, 2026