Gecad : Security Vulnerabilities, CVEs, CVSS score >= 5
CVE-2012-4940
Public exploit
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
Max CVSS
6.4
EPSS Score
16.41%
Published
2012-10-31
Updated
2013-02-26
Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.
Max CVSS
5.0
EPSS Score
2.87%
Published
2010-09-17
Updated
2017-08-17
2 vulnerabilities found