Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sake_mail | Endymion | 1.0.20 | 1.0.20 |
Sake_mail | Endymion | 1.0.21 | 1.0.21 |
Sake_mail | Endymion | 1.0.22 | 1.0.22 |
Sake_mail | Endymion | 1.0.23 | 1.0.23 |
Sake_mail | Endymion | 1.0.24 | 1.0.24 |
Sake_mail | Endymion | 1.0.26 | 1.0.26 |
Sake_mail | Endymion | 1.0.27 | 1.0.27 |
Sake_mail | Endymion | 1.0.28 | 1.0.28 |
Sake_mail | Endymion | 1.0.29 | 1.0.29 |
Sake_mail | Endymion | 1.0.30 | 1.0.30 |
Sake_mail | Endymion | 1.0.31 | 1.0.31 |
Sake_mail | Endymion | 1.0.33 | 1.0.33 |
Sake_mail | Endymion | 1.0.34 | 1.0.34 |
Sake_mail | Endymion | 1.0.35 | 1.0.35 |
Sake_mail | Endymion | 1.0.36 | 1.0.36 |