Summary
Axigen Webmail is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.
Axigen Webmail 7.4.1 is vulnerable
other versions may be affected.
Solution
Vendor updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-3459, CVE-2010-3460 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat source.jsp malformed request information disclosure
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Apache Struts2 'XWork' Information Disclosure Vulnerability
- Advanced Image Hosting Cross Site Scripting Vulnerability