CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-4940

MEDIUM
6.4
CVSS Severity Score
EPSS Score0.0800%
EPSS Percentile41.88th
Published2012年10月31日
Last Modified2026年4月29日

Vulnerability Description

Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.

Affected Platforms (CPE)

📦
Gecad

Axigen Free Mail Server

All versions

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/586556
🔗 http://www.securityfocus.com/bid/56343
🔗 http://www.kb.cert.org/vuls/id/586556
🔗 http://www.securityfocus.com/bid/56343

相关漏洞威胁

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...