Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 up to and including 2.3.31 allows remote malicious users to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mailreader.com mailreader.com 2.3.24 |
||
mailreader.com mailreader.com 2.3.25 |
||
mailreader.com mailreader.com 2.3.26 |
||
mailreader.com mailreader.com 2.3.27 |
||
mailreader.com mailreader.com 2.3.22 |
||
mailreader.com mailreader.com 2.3.23 |
||
mailreader.com mailreader.com 2.3.30 |
||
mailreader.com mailreader.com 2.3.31 |
||
mailreader.com mailreader.com 2.3.20 |
||
mailreader.com mailreader.com 2.3.21 |
||
mailreader.com mailreader.com 2.3.28 |
||
mailreader.com mailreader.com 2.3.29 |
||
debian debian linux 3.0 |
Vulmon