Description
Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.
Affected products
- SmarterTools / SmarterMail7.1.3876 – 7.1.3876
References
- MISChttp://www.securityfocus.com/bid/43324
- MISChttp://cloudscan.blogspot.com/2010/09/smarter-stats-533819-file-fuzzing.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/61910
- EXPLOIThttp://www.exploit-db.com/exploits/15048
- EXPLOIThttp://packetstormsecurity.org/1009-exploits/smartermail-traversal.txt
Updated 26m ago · 2 sources