Lucene search

[email protected]CVE-2023-40160

HistoryMar 18, 2024 - 1:15 a.m.

CVE-2023-40160

2024-03-1801:15:48

[email protected]

web.nvd.nist.gov

cve-2023-40160

directory traversal

mailing list search

cgi

pmmls.exe

a.k.i software

pmailserver

pmailserver2

security vulnerability

nvd

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software’s PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.

Affected configurations

Vulners

Node

a.k.i_softwarepmmls.exeMatch2.5.1.561

CNA Affected

[
  {
    "vendor": "A.K.I Software ",
    "product": "pmmls.exe",
    "versions": [
      {
        "version": "2.5.1.561 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

akisoftware.com/Vulnerability202301.html

jvn.jp/en/jp/JVN92720882/