CVE-2005-1284 Information

Description

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts even if \Allow Creation of Accounts From the Web Interface\ is disabled via a direct HTTP POST request.

Reference

http://marc.info/?l=bugtraq&m=111419001527077&w=2 http://www.osvdb.org/15822 http://www.securityfocus.com/bid/13323 https://exchange.xforce.ibmcloud.com/vulnerabilities/20228