Gecad: >> Axigen Free Mail Server Security Vulnerabilities
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
CVSS Score
6.4
EPSS Score
0.706
Published
2012-10-31