Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AtMail Open-Source多个目录遍历漏洞
Vulnerability Description
AtMail是澳大利亚Atmail公司的一款开源的WebMail客户端,它提供Webmail界面、通信录管理、日历等功能,并支持IMAP、视频邮件等。 AtMail Open-Source 1.05之前版本的@Mail WebMail Client中的(1)compose.php和(2)libs/Atmail/SendMsg.php中存在多个目录遍历漏洞。远程攻击者可利用这些漏洞借助Attachment[]参数中的..(点、点)读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A