Stalker: >> Communigate Pro >> 3.2.4 Security Vulnerabilities
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
CVSS Score
5.8
EPSS Score
0.026
Published
2003-12-31
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS Score
5.0
EPSS Score
0.076
Published
2000-04-03