CVE-2005-3288

Rockliffe Mailsite Express - Unrestricted File Upload

Title source: rule

Description

Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.

References (1)

[Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory] http://securitytracker.com/id?1015063

Scores

EPSS 0.0056

EPSS Percentile 67.9%

Classification

CWE

CWE-434

Status draft

Affected Products (1)

rockliffe/mailsite_express

Timeline

Published Oct 23, 2005

Tracked Since Feb 18, 2026