CVE-2000-0716

WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email...

alt-n WorldClient standard 2.1 - Directory Traversal

source: https://www.securityfocus.com/bid/1462/info The HTTP interface for WorldClient 2.1 is vulnerable to a directory traversal. By requesting a URL composed of the filename and ..\ it is possible for a remote user to retrieve and dowload any file of known location. Example:...