CVE-2005-1284

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request.

Date published : 2005-04-26

http://www.securityfocus.com/bid/13323

http://marc.info/?l=bugtraq&m=111419001527077&w=2