Lucene search
MitreVULNRICHMENT:CVE-2024-34470HistoryMay 06, 2024 - 12:00 a.m.
CVE-2024-34470
2024-05-0600:00:00
mitre
github.com
1
hsc mailinspector
path traversal
unauthenticated vulnerability
arbitrary files
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:hsc:Mailinspector:*:*:*:*:*:*:*:*"
],
"vendor": "hsc",
"product": "Mailinspector",
"versions": [
{
"status": "affected",
"version": "*"
}
],
"defaultStatus": "unknown"
}
]References
Related
githubexploit
githubexploit
Exploit for CVE-2024-34470
2024-06-19 11:32:40
Exploit for CVE-2024-34470
2024-06-23 02:23:57
Exploit for CVE-2024-34470
2024-06-20 16:47:28
cve
cve
CVE-2024-34470
2024-05-06 15:15:24
nvd
nvd
CVE-2024-34470
2024-05-06 15:15:24
cvelist
cvelist
CVE-2024-34470
2024-05-06 00:00:00
nuclei
nuclei
HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion
2024-05-30 12:04:18
openvas
openvas
AI Score
6.7
Confidence
Low
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-34470