Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AtmailAtmail Open

3 matches found

CVE
CVEadded 2012/03/27 7:55 p.m.35 views

CVE-2012-1918

Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.

5CVSS7AI score0.0069EPSS
CVE
CVEadded 2012/03/27 7:55 p.m.31 views

CVE-2012-1920

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.

5CVSS6.5AI score0.00524EPSS
CVE
CVEadded 2012/03/27 7:55 p.m.30 views

CVE-2012-1917

compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (dot dot slash) sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ (dot dot dot slash dot slash) sequence.

5CVSS6.9AI score0.00612EPSS