CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3124

Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. (dot dot) in the tf parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://packetstormsecurity.org/0908-exploits/quarkmail-lfi.txt
http://www.vupen.com/english/advisories/2009/2460
http://packetstormsecurity.org/0908-exploits/quarkmail-lfi.txt
http://www.vupen.com/english/advisories/2009/2460

Products affected by CVE-2009-3124

Ipmotor » Quarkmail » Version: N/A

cpe:2.3:a:ipmotor:quarkmail:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3124

Products

Pricing

Contact Us