7 lines
No EOL
493 B
Text
7 lines
No EOL
493 B
Text
source: http://www.securityfocus.com/bid/11599/info
|
|
|
|
TIPS MailPost is affected by a remote file enumeration vulnerability. This issue is due to a failure to properly sanitize user requests.
|
|
|
|
An attacker may leverage this issue to gain knowledge of the existence of files outside the Web root directory. Information disclosed in this way may facilitate further attacks.
|
|
|
|
http://www.example.com/scripts/mailpost.exe/..%255c..%255c..%255cwinnt/system.ini?*nosend*=&email=test@procheckup.com |