CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2002-1582
https://notcve.org/view.php?id=CVE-2002-1582
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi. compose.cgi en Mailreader.com 2.3.30 y 2.3.31, cuando se usa Sendmail como Agente de Transferencia de Correo (MTA), permite a atacantes remotos ejecutar código arbitrario mediante metacaractéres de shell en la variable de configuración RealMail • http://www.iss.net/security_center/static/10491.php http://www.mailreader.com/download/ChangeLog http://www.securityfocus.com/archive/1/297428 http://www.securityfocus.com/bid/6058 •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 3CVE-2002-1581 – MailReader.com 2.3.x - 'NPH-MR.cgi' File Disclosure
https://notcve.org/view.php?id=CVE-2002-1581
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. Vulnerabilidad de atravesamiento de directorios en nph-mr.cgi en Mailreader.com 2.3.20 a 2.3.31 permite a atacantes remotos ver ficheros de su elección mediante secuencias .. (punto punto) y un byte nulo (%00) en el parámetro configLanguage • https://www.exploit-db.com/exploits/21966 http://mailreader.com/download/ChangeLog http://www.debian.org/security/2004/dsa-534 http://www.iss.net/security_center/static/10490.php http://www.securityfocus.com/archive/1/297428 http://www.securityfocus.com/bid/6055 •