Arbitrary PHP File Read Vulnerability in Merak Mail Server 5.2.7

CVE-2004-1721 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000.

Learn more about our Cis Benchmark Audit For Server Software.