W3Mail 1.0.6 File Disclosure Vulnerability

ID EDB-ID:22015
Type exploitdb
Reporter Tim Brown
Modified 2002-11-12T00:00:00


W3Mail 1.0.6 File Disclosure Vulnerability. CVE-2002-2399. Webapps exploit for cgi platform

                                            source: http://www.securityfocus.com/bid/6170/info

Versions of W3Mail 1.0.6 and greater are susceptible to a file disclosure vulnerability. To view attachments, the script "viewAttachment.cgi" accepts the parameter "file". The value of this parameter is passed to the open() function as the filename argument without being sanitized. Attackers may cause any file on the filesystem to open by specifying its relative path using directory traversal characters.