Gecad : Security Vulnerabilities, CVEs, Published In 2012
CVE-2012-4940
Public exploit
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
Max CVSS
6.4
EPSS Score
16.41%
Published
2012-10-31
Updated
2013-02-26
1 vulnerabilities found