Vulnerabilities > CVE-2001-1408 - Directory Traversal vulnerability in Cobalt Qube and Webmail
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Cobalt Qube Webmail 1.0 Directory Traversal Vulnerability. CVE-2001-1408. Webapps exploit for php platform |
| id | EDB-ID:20995 |
| last seen | 2016-02-02 |
| modified | 2001-07-05 |
| published | 2001-07-05 |
| reporter | kf |
| source | https://www.exploit-db.com/download/20995/ |
| title | cobalt qube webmail 1.0 - Directory Traversal Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | COBALT_CUBE_WEBMAIL_DIR_TRAV.NASL |
| description | The file |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11073 |
| published | 2002-08-14 |
| reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/11073 |
| title | Cobalt Qube WebMail readmsg.php mailbox Parameter Traversal Arbitrary File Access |