EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-08-12
Updated
2008-09-05
Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.
Max CVSS
5.0
EPSS Score
0.32%
Published
2002-08-12
Updated
2008-09-05
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!