CVE-2012-4940

Published: 31/10/2012 Updated: 26/02/2013
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
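An added example, not part of the original record or of Axigen's code: a check that flags requests whose `fileName` parameter carries a `..` path segment, including percent-encoded and double-encoded forms. It assumes requests are recorded in common log format with `fileName` in the query string; the sample lines and the names `SAMPLE_LOG` and `suspicious_requests` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (assumed common log format).
SAMPLE_LOG = [
    '192.0.2.10 - admin [31/Oct/2012:10:00:01 +0000] "GET /source/loggin/page_log_dwn_file.hsp?fileName=everything.txt HTTP/1.1" 200 5120',
    '192.0.2.44 - - [31/Oct/2012:10:02:17 +0000] "GET /source/loggin/page_log_dwn_file.hsp?fileName=..%2F..%2Fconstructed.cfg HTTP/1.1" 200 812',
    '192.0.2.44 - - [31/Oct/2012:10:02:30 +0000] "GET /?fileName=%252e%252e%255cconstructed.cfg HTTP/1.1" 200 0',
    '192.0.2.10 - admin [31/Oct/2012:10:05:09 +0000] "GET /source/loggin/page_log_dwn_file.hsp?fileName=archive..2012.txt HTTP/1.1" 200 77',
]

# Request line inside a log entry: method, target, protocol version.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (for example %252e -> %2e -> '.')."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_dot_dot_segment(value):
    """True when a path segment (split on either slash) is exactly '..'."""
    return ".." in re.split(r"[\\/]+", fully_decode(value))


def suspicious_requests(log_lines):
    """Return (line_number, decoded fileName) for each traversal attempt."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qsl decodes once; fully_decode handles extra encoding layers.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name == "fileName" and has_dot_dot_segment(value):
                hits.append((number, fully_decode(value)))
    return hits


if __name__ == "__main__":
    for number, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: fileName={value!r}")
```

Matching on whole path segments keeps a legitimate name such as `archive..2012.txt` from being flagged, which a plain substring search for `..` would not.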

Vulnerable Product

gecad axigen free mail server -

Exploits

source: www.securityfocus.com/bid/56343/info

Axigen Mail Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied data. A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to obtain sensitive information, cause a denial of service conditi ...