Vulnerability Details CVE-2005-3811
Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to overwrite arbitrary files with session information via the sid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.073
EPSS Ranking 91.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0580.html
- http://secunia.com/advisories/16665
- http://secunia.com/secunia_research/2005-58/advisory/
- http://securityreason.com/securityalert/195
- http://www.osvdb.org/20925
- http://www.securityfocus.com/bid/15493/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23132
- http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0580.html
- http://secunia.com/advisories/16665
- http://secunia.com/secunia_research/2005-58/advisory/
- http://securityreason.com/securityalert/195
- http://www.osvdb.org/20925
- http://www.securityfocus.com/bid/15493/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23132
Products affected by CVE-2005-3811
-
cpe:2.3:a:amax_information_technologies:magic_winmail_server:*