2.6

CVE-2004-2547

Exploit
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetwinSurgemail Version1.0c
NetwinSurgemail Version1.0d
NetwinSurgemail Version1.1a
NetwinSurgemail Version1.1b
NetwinSurgemail Version1.1c
NetwinSurgemail Version1.1d
NetwinSurgemail Version1.2a
NetwinSurgemail Version1.2b
NetwinSurgemail Version1.2c
NetwinSurgemail Version1.3a
NetwinSurgemail Version1.3a_rc1
NetwinSurgemail Version1.3b
NetwinSurgemail Version1.3c
NetwinSurgemail Version1.3d
NetwinSurgemail Version1.3e
NetwinSurgemail Version1.3f
NetwinSurgemail Version1.3g
NetwinSurgemail Version1.3h
NetwinSurgemail Version1.3i
NetwinSurgemail Version1.3j
NetwinSurgemail Version1.3k
NetwinSurgemail Version1.3l
NetwinSurgemail Version1.4a
NetwinSurgemail Version1.4b
NetwinSurgemail Version1.4c
NetwinSurgemail Version1.5a
NetwinSurgemail Version1.5b
NetwinSurgemail Version1.5c
NetwinSurgemail Version1.5d
NetwinSurgemail Version1.5d2
NetwinSurgemail Version1.5f
NetwinSurgemail Version1.6a
NetwinSurgemail Version1.6b
NetwinSurgemail Version1.6d
NetwinSurgemail Version1.6e
NetwinSurgemail Version1.6e2
NetwinSurgemail Version1.7a
NetwinSurgemail Version1.7b3
NetwinSurgemail Version1.8a
NetwinSurgemail Version1.8b3
NetwinSurgemail Version1.8d
NetwinSurgemail Version1.8e
NetwinSurgemail Version1.8g3
NetwinSurgemail Version1.9b2
NetwinSurgemail Version2.0a2
NetwinWebmail Version3.1d
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 17.98% 0.949
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.