Back to search
CVE-2007-3620
Published: Jul 9, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.maiamailguard.org/maia/changeset/1184
x_refsource_CONFIRM
37885
vdb-entry
x_refsource_OSVDB
37887
vdb-entry
x_refsource_OSVDB
37886
vdb-entry
x_refsource_OSVDB
ADV-2007-2456
vdb-entry
x_refsource_VUPEN
http://www.maiamailguard.org/maia/ticket/479
x_refsource_CONFIRM
25951
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now