Описание
Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.
Ссылки
- Patch
- US Government Resource
- Patch
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 1.04 (включая)
cpe:2.3:a:atmail:atmail_open:*:*:open-source:*:*:*:*:*
EPSS
Процентиль: 64%
0.0046
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
debian
почти 14 лет назад
Multiple directory traversal vulnerabilities in (1) compose.php and (2 ...
github
больше 3 лет назад
Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.
EPSS
Процентиль: 64%
0.0046
Низкий
5 Medium
CVSS2
Дефекты
CWE-22