Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-08T20:00:00
Updated: 2024-08-06T04:47:16.957Z
Reserved: 2015-02-06T00:00:00
Link: CVE-2015-1503
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-05-08T20:29:00.250
Modified: 2024-11-21T02:25:34.333
Link: CVE-2015-1503
Redhat
No data.