CVE-2006-4955

CVE-2006-4955 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.

Learn more about our Web App Pen Testing.