2 matches found
CVE-2020-25850 HGiga MailSherlock - Arbitrary File Download
The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files...
CVE-2020-25850
HGiga MailSherlock’s View Source Code feature is vulnerable to arbitrary file download due to insufficient validation of specific characters. Multiple sources (CVE-2020-25850 entries, CNVD-2021-06948) describe that remote attackers can exploit this to download arbitrary system files. The vulnerab...