CVE-2008-0464
CVE-2008-0464
Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/4977unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://burnachurch.com/67/directory-traversal-luecke-in-aconon-mail/http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059856.htmlhttp://secunia.com/advisories/28617https://www.exploit-db.com/exploits/4977http://www.securityfocus.com/bid/27427http://www.vupen.com/english/advisories/2008/0310