CVE-2008-1751

Ksemail - Path Traversal

Title source: llm

Description

Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.

Exploits (1)

exploitdb WRITEUP VERIFIED
by dun · textwebappsphp
https://www.exploit-db.com/exploits/5423

References (5)

Scores

EPSS 0.0343
EPSS Percentile 87.3%

Classification

CWE
CWE-22
Status draft

Affected Products (1)

ksemail/ksemail

Timeline

Published Apr 11, 2008
Tracked Since Feb 18, 2026