Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2002-1966

Publish Date: 15 Jun 2002

Author: cult

                source: http://www.securityfocus.com/bid/5029/info

My Postcards is a commercial available eletronic postcard system. It is available for Unix and Linux Operating Systems.

The magiccard.cgi script does not properly handle some types of input. As a result, it may be possible for a remote user to specify the location of a specific file on the system hosting the My Postcards software. Upon specifying the location of a file that is readable by the web server process, the user could disclose the contents of the specified file. 

http://www.example.com/cgi-bin/magiccard.cgi?pa=preview&amp;next=custom&amp;page=../../../../../../../../../../etc/passwd

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure

Vulmon Search

About

Products

Connect