CVE-2016-1212

LOW

Futomi MP Form Mail CGI Pro <3.2.3 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000069
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN42545812/index.html
Vendor Advisory x_refsource_confirm
http://www.futomi.com/library/info/2016/201605.html

Scores

CVSS v3 2.7
EPSS 0.0229
EPSS Percentile 81.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-22
Status published
Products (1)
futomi/mp_form_mail_cgi < 3.2.3
Published Jun 05, 2016
Tracked Since Feb 18, 2026