CVE-2004-1102

MailPost <5.1.1sv - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1102. PoCs published by Gemma Hughes.

AI-analyzed exploit summary This exploit leverages a directory traversal vulnerability in TIPS MailPost to enumerate files outside the web root directory. The vulnerability arises from improper sanitization of user requests, allowing path traversal sequences to access sensitive files.

Description

MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Gemma Hughes · textwebappscgi
https://www.exploit-db.com/exploits/24723

This exploit leverages a directory traversal vulnerability in TIPS MailPost to enumerate files outside the web root directory. The vulnerability arises from improper sanitization of user requests, allowing path traversal sequences to access sensitive files.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: TIPS MailPost
No auth needed
Prerequisites: Network access to the target server · TIPS MailPost installed and accessible
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11599
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/306086
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17954

Scores

EPSS 0.0879
EPSS Percentile 94.5%

Details

Status published
Products (1)
tips/mailpost 5.1.1_sv
Published Jan 10, 2005
Tracked Since Feb 18, 2026