Back to search
CVE-2004-2547
Published: Nov 21, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
surgemail-invalid-path-disclosure(16319)
vdb-entry
x_refsource_XF
6745
vdb-entry
x_refsource_OSVDB
10483
vdb-entry
x_refsource_BID
20040603 Surgemail - Multiple Vulnerabilities
mailing-list
x_refsource_FULLDISC
11772
third-party-advisory
x_refsource_SECUNIA
http://www.netwinsite.com/surgemail/help/updates.htm
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now