Описание
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0410
- http://archives.neohapsis.com/archives/bugtraq/2002-03/0004.html
- http://the.cushman.net/projects/aeromail/download
- http://the.cushman.net/projects/aeromail/download/aeromail-1.45.tar.gz
- http://www.iss.net/security_center/static/8345.php
- http://www.securityfocus.com/bid/4214
EPSS
Процентиль: 82%
0.01755
Низкий
CVE ID
Связанные уязвимости
nvd
больше 23 лет назад
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
EPSS
Процентиль: 82%
0.01755
Низкий