Directory Traversal Vulnerabilities in IceWarp Mail Server before 11.2
CVE-2015-1503 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:N/A:N
Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php.
Learn more about our Web App Pen Testing.