Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0780. PoCs published by Timescape.
AI-analyzed exploit summary The exploit describes a vulnerability in IPSWITCH IMail where improper access validation allows users to attach arbitrary files from the server via the web interface. The attack leverages the 'X-Attachments' header to specify a file path, potentially exposing sensitive data.
Description
The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.
Exploits (1)
The exploit describes a vulnerability in IPSWITCH IMail where improper access validation allows users to attach arbitrary files from the server via the web interface. The attack leverages the 'X-Attachments' header to specify a file path, potentially exposing sensitive data.