CVE-2009-10005 ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode

ContentKeeper Web Appliance now maintained by Impero Software versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output...