Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:22:42
Updated: 2022-10-03T16:22:42
Reserved: 2022-10-03T00:00:00
Link: CVE-2005-1657
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-05-18T04:00:00.000
Modified: 2008-09-05T20:49:43.730
Link: CVE-2005-1657
JSON object: View
Redhat Information
No data.
CWE