exploitDog

CVE-2000-0977

Опубликовано: 19 дек. 2000

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-10/0172.html
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/1807
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5358
http://archives.neohapsis.com/archives/bugtraq/2000-10/0172.html
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/1807
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5358

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oatmeal_studios:mail_file:1.10:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04092

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wmj9-6vp5-25g7

github

почти 4 года назад

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.

EPSS

Процентиль: 88%

0.04092

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other