Vulnerabilities > CVE-2004-2547 - Unspecified vulnerability in Netwin Surgemail and Webmail

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
netwin
exploit available
NVD
Published: 2004-12-31
Updated: 2024-11-20

Summary

NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.

Vulnerable Configurations

Part Description Count
Application
Netwin
46

Exploit-Db

descriptionNetWin SurgeMail 1.8/1.9/2.0,WebMail 3.1 Error Message Path Disclosure. CVE-2004-2547. Webapps exploit for php platform
idEDB-ID:24176
last seen2016-02-02
modified2004-06-07
published2004-06-07
reporterDonnie Werner
sourcehttps://www.exploit-db.com/download/24176/
titleNetWin SurgeMail 1.8/1.9/2.0,WebMail 3.1 Error Message Path Disclosure

References