3 matches found
AfterLogic 多个安全漏洞(CVE-2021-26292 CVE-2021-26293 CVE-2021-26294)
CVE-2021-26292 - Public Full Path Disclosure on AfterLogic Aurora & WebMail Pro WebDAV EndPoint The severity of the issue: Medium Complexity: Easy Affected Products: AfterLogic Aurora, AfterLogic WebMail PRO Authentication: Not required Attacks: Full Path Disclosure Resources : -...
CVE-2021-26293
creationtimestamp| type| source ---|---|--- 2021-03-05 00:47:05+00:00| seen| https://t.me/cibsecurity/24481 2021-05-22 02:48:59+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/499 2021-10-23 12:59:05+00:00| published-proof-of-concept|...
CVE-2021-26293
CVE-2021-26293 affects AfterLogic Aurora and WebMail Pro (DAV enabled). The vulnerability stems from directory traversal in the WebDAV handling (DAVServer.php/DAV/Server.php) that allows creating files under the web root, enabling potential remote code execution via uploaded files. Severity is hi...