exploitDog

GHSA-mr87-c8m9-c37x

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.

Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.

Ссылки

EPSS

Процентиль: 93%

0.09662

Низкий

CVE ID

Связанные уязвимости

CVE-2006-4955

nvd

больше 19 лет назад

Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.

EPSS

Процентиль: 93%

0.09662

Низкий

CVE ID