CVE-2015-2971

Seeds acmailer <3.8.18, <3.9.12 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.acmailer.jp/info/de.cgi?id=58
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN64051989/index.html
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098

Scores

EPSS 0.0158
EPSS Percentile 72.5%

Details

CWE
CWE-22
Status published
Products (13)
seeds/acmailer 3.9.0 beta
seeds/acmailer 3.9.1 beta
seeds/acmailer 3.9.2 beta
seeds/acmailer 3.9.3 beta
seeds/acmailer 3.9.4 beta
seeds/acmailer 3.9.5 beta
seeds/acmailer 3.9.6 beta
seeds/acmailer 3.9.7 beta
seeds/acmailer 3.9.8 beta
seeds/acmailer 3.9.9 beta
... and 3 more
Published Jul 19, 2015
Tracked Since Feb 18, 2026