Argosoft : Security Vulnerabilities, CVEs, CVSS score >= 8
ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forgery (CSRF) for perform remote arbitrary code execution. The component is the Administration dashboard. When using admin/user credentials, if the admin/user admin opens a website with the malicious page that will run the CSRF.
Max CVSS
8.8
EPSS Score
0.20%
Published
2020-09-11
Updated
2020-09-18
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
Max CVSS
10.0
EPSS Score
1.24%
Published
2005-02-23
Updated
2017-07-11
ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.
Max CVSS
10.0
EPSS Score
1.24%
Published
2005-02-18
Updated
2017-07-11
Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument.
Max CVSS
9.0
EPSS Score
1.07%
Published
2004-12-31
Updated
2017-07-29
4 vulnerabilities found