mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
828 B
828 B
CVE-2004-2547
Description
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
POC
Reference
- http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt
- http://www.exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt
Github
No PoCs found on GitHub currently.