exploitDog

GHSA-mjv7-394p-9g5m

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.

Ссылки

EPSS

Процентиль: 90%

0.05936

Низкий

CVE ID

Связанные уязвимости

CVE-2005-4557

nvd

около 20 лет назад

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.

EPSS

Процентиль: 90%

0.05936

Низкий

CVE ID