Multiple vulnerabilities were found in CMailServer's Web Mail service including buffer overflow, SQL Injection and Cross-Site Scripting (XSS) flaws. CMailServer version 5.2 on English Win2K IIS 5.0 was tested.
84acf4cfdf663c21738923ba8986aefd2a8b5f25680f5eee678407da36243638