CVE-2008-3727

MicroWorld Technologies MailScan <5.6.a - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SlaYeR · cremotewindows

https://www.exploit-db.com/exploits/6407

View Code ZIP pw:eip

References (7)

[Exploit] http://marc.info/?l=bugtraq&m=121881329424635&w=2

[Vendor Advisory] http://secunia.com/advisories/31534

[Exploit] http://www.oliverkarow.de/research/mailscan.txt

[Exploit] http://www.securityfocus.com/bid/30700

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44514

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6407

[Third Party Advisory] http://securityreason.com/securityalert/4172

Scores

EPSS 0.0050

EPSS Percentile 66.0%

Details

CWE

CWE-22

Status published

Products (1)

microworld_technologies/mailscan 5.6.a

Published Aug 20, 2008

Tracked Since Feb 18, 2026