Description
Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.acmailer.jp/info/de.cgi?id=58
Vendor Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN64051989/index.html
Vendor Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098
Scores
EPSS
0.0158
EPSS Percentile
72.5%
Details
CWE
CWE-22
Status
published
Products (13)
seeds/acmailer
3.9.0 beta
seeds/acmailer
3.9.1 beta
seeds/acmailer
3.9.2 beta
seeds/acmailer
3.9.3 beta
seeds/acmailer
3.9.4 beta
seeds/acmailer
3.9.5 beta
seeds/acmailer
3.9.6 beta
seeds/acmailer
3.9.7 beta
seeds/acmailer
3.9.8 beta
seeds/acmailer
3.9.9 beta
... and 3 more
Published
Jul 19, 2015
Tracked Since
Feb 18, 2026