CVE-2002-1581

Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.

Published: Dec 6, 2004
Updated: Apr 13, 2023
CVE: CVE-2002-1581
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mailreader.com / mailreader.com	2.3.29	2.3.29.x
mailreader.com / mailreader.com	2.3.20	2.3.20.x
mailreader.com / mailreader.com	2.3.21	2.3.21.x
mailreader.com / mailreader.com	2.3.30	2.3.30.x
mailreader.com / mailreader.com	2.3.25	2.3.25.x
mailreader.com / mailreader.com	2.3.22	2.3.22.x
mailreader.com / mailreader.com	2.3.24	2.3.24.x
mailreader.com / mailreader.com	2.3.23	2.3.23.x
mailreader.com / mailreader.com	2.3.28	2.3.28.x
mailreader.com / mailreader.com	2.3.31	2.3.31.x
mailreader.com / mailreader.com	2.3.26	2.3.26.x
mailreader.com / mailreader.com	2.3.27	2.3.27.x
debian / debian_linux	3.0	3.0.x

Vulnerability Database

289,599

CVE-2002-1581