NuytsTech Security

CVE-2000-0977

by ·

mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.

Date published : 2001-01-22

http://www.securityfocus.com/bid/1807

http://archives.neohapsis.com/archives/bugtraq/2000-10/0172.html

Tags: