Neosys : Security Vulnerabilities, CVEs, Published In 2006 (Directory traversal)
Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.
Max CVSS
5.0
EPSS Score
1.22%
Published
2006-09-23
Updated
2017-07-20
1 vulnerabilities found