Описание
Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machine 3.989 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the archives parameter in a Load action.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mail_machine:mail_machine:3.980:*:*:*:*:*:*:*
cpe:2.3:a:mail_machine:mail_machine:3.985:*:*:*:*:*:*:*
cpe:2.3:a:mail_machine:mail_machine:3.987:*:*:*:*:*:*:*
cpe:2.3:a:mail_machine:mail_machine:3.988:*:*:*:*:*:*:*
cpe:2.3:a:mail_machine:mail_machine:3.989:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08289
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machine 3.989 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the archives parameter in a Load action.
EPSS
Процентиль: 92%
0.08289
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other