CVE-2024-34470
- Reference to the description:
- Description:
- An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.
- Last updated date:
- 07/03/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/19/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/20/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/23/2024
- Reference url to background