CVE-2018-5700
14.01.2018, 20:29
Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder.
Path Traversal
Vendor | Product | Version |
---|---|---|
magicwinmail | winmail_server | 𝑥 ≤ 6.2 |
𝑥
= Vulnerable software versions