Vulnerability in Cobalt Qube
CVE-2001-1408
Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.
EPSS: 0.081 (94.1th percentile) — read the EPSS interpretation.
Affected products
- Cobalt Qube — versions 3.0
- Cobalt Webmail — versions 2.0.1
- N/a — versions n/a
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_BUGTRAQ)