Описание
Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0464
- https://www.exploit-db.com/exploits/4977
- http://burnachurch.com/67/directory-traversal-luecke-in-aconon-mail
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059856.html
- http://secunia.com/advisories/28617
- http://www.securityfocus.com/bid/27427
- http://www.vupen.com/english/advisories/2008/0310
Связанные уязвимости
nvd
около 18 лет назад
Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.