Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml.
References
Configurations
History
No history.
Information
Published : 2005-05-18 04:00
Updated : 2024-02-04 16:52
NVD link : CVE-2005-1657
Mitre link : CVE-2005-1657
CVE.ORG link : CVE-2005-1657
JSON object : View
Products Affected
mercur
- mercur_messaging
CWE