RSS   Vulnerabilities for 'Sake mail'   RSS

2002-08-12
 
CVE-2002-0418

 

 
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter.

 

 >>> Vendor: Endymion 2 Products
Mailman webmail
Sake mail


Copyright 2024, cxsecurity.com

 

Back to Top